Edgar Cervantes / Android Authority
TL;DR
- Gemini is built with safeguards to prevent misuse, but that doesn’t stop some government-funded bad guys from trying to use it to cause harm.
- Advanced Persistent Threat groups from China, Iran, North Korea, and Russia have all been identified as getting help from Gemini.
- The most common uses of Gemini appear to be for researching targets and helping at coding.
From pretty much the moment that powerful AI language models debuted on the scene, bad guys have been looking to do bad stuff with them. The companies behind them make concerted efforts to protect their models with safeguards against abuse, but bad actors are always coming up with new ways to try and get around these barriers. This week Google shares what it’s observed when it comes to Gemini and some well-connected international groups trying to use it for nasty business.
Google’s Threat Intelligence Group just published its report on adversarial misuse of generative AI. For starters, the company identifies two main types of attacks: those that use AI to lend a hand, like generating code that might be used to build malware, and those that directly try to get AI to perform unwanted actions, like harvesting account data. We also hear about two primary categories of adversaries: Advanced Persistent Threats (APT), which tend to be big nation-state-funded hacker groups, and Information Operations (IO), which are more about deception and making a mess of social media.
The good news is that, overall, no one sounds like they’ve been particularly successful at getting Gemini to do anything awful. While Google’s seen plenty of attempts to “jailbreak” Gemini by using creative instructions to convince it to ignore safety protocols, most of these have been pretty low-effort, just rehashing publicly posted strategies.
Instead, the biggest use of Gemini by bad guys appears to be mostly in the form of them using it as a research tool. Google identifies APTs from four countries as really forming the backbone of Gemini misuse: China, Iran, North Korea, and Russia. Those groups used Gemini for purposes like summarizing information on military and intelligence targets, explaining software vulnerabilities, and offering coding assistance.
Google also saw Gemini activity from IO groups in these same nations, tapping into the AI’s skills at translation, helping with the tone of messages, and really just making it easier for these groups to sound like anyone other than who they are, enabling them to operate clandestinely.
All this tends to highlight some rather fundamental limitations in trying to mitigate AI misuse. While Google seems to have been quite successful about preventing anyone from using Gemini to directly cause harm, when broader plans can be broken down into discrete, non-objectionable steps, bad actors can still take advantage of the power of AI to make their jobs easier. Because at the end of the day, that’s what AI was designed to do.
The complete Google Threat Intelligence Group report is a wild read, so check out the full thing if you’re curious for a whole lot more detail about these APTs and their use of Gemini.
