Russia, China increasingly using AI to escalate cyberattacks on US, Microsoft finds

WASHINGTON — Russia, China, Iran and North Korea have sharply increased their use of artificial intelligence to deceive people online and launch cyberattacks against the United States, according to a new study from Microsoft.

Last July, the company identified more than 200 cases of foreign adversaries using AI to create fake online content, more than double the number in July 2024 and more than ten times the number seen in 2023.

The findings, released Thursday in Microsoft’s annual Digital Threat Report, show how foreign adversaries are adopting new and innovative tactics in their efforts to turn the Internet into a tool for espionage and deception.

America’s adversaries, along with criminal gangs and hacking companies, have harnessed the potential of AI, using it to automate and enhance cyberattacks, spread inflammatory disinformation, and penetrate sensitive systems. For example, AI can translate poorly written phishing emails into plain English, as well as generate digital clones of senior officials.

Government cyber operations often aim to obtain classified information, undermine supply chains, disrupt essential public services, or spread disinformation. Cybercriminals, on the other hand, work for profit by stealing company secrets or using ransomware to extort money from their victims. These gangs are responsible for the vast majority of cyberattacks worldwide and in some cases have partnered with countries like Russia.

Increasingly, these attackers are using AI to target governments, businesses and critical systems like hospitals and transportation networks, according to Amy Hogan-Burney, Microsoft’s vice president for customer security and trust, who oversaw the report. Many U.S. companies and organizations, meanwhile, are making do with outdated cyber defenses, even as Americans expand their networks with new digital connections.

Businesses, governments, organizations and individuals must take the threat seriously if they want to protect themselves in the face of escalating digital threats, she said.

“We see this as a pivotal moment where innovation is happening so fast,” Hogan-Burney said. “This is the year you absolutely need to invest in your cybersecurity basics,”

The United States is the primary target for cyberattacks, with criminals and foreign adversaries targeting businesses, governments, and organizations in the United States more than any other country. Israel and Ukraine are the second and third most popular targets, showing how military conflicts involving these two countries have spilled over into the digital realm.

Russia, China and Iran have denied using cyber operations for espionage, disruption and disinformation. China, for example, claims the United States is trying to “defame” Beijing while carrying out its own cyberattacks.

North Korea has launched a system in which it uses AI characters to create American identities allowing them to apply for tech jobs remotely. North Korea’s authoritarian government pockets salaries, while hackers use their access to steal secrets or install malware.

This is the kind of digital threat that more U.S. organizations will face in the coming years, as sophisticated AI programs make it easier for bad actors to deceive, according to Nicole Jiang, CEO of Fable, a San Francisco-based security company that uses AI to detect fake employees. AI is not only a tool for hackers, but also a critical defense against digital attackers, Jiang said.

“Cyberspace is a game of cat and mouse,” she said. “Access, data, information, money: that’s what they’re looking for. »