In an interview this week, Canadian Centre for Cyber Security Head Sami Khoury said early evidence that cybercriminals have also adopted the AI revolution early.
Khoury said that his agency had seen AI being used "in phishing emails, or crafting emails in a more focused way, in malicious code and in misinformation and disinformation."
Khoury did not provide details or evidence, but his assertion that cybercriminals were already using AI adds an urgent note to the chorus of concern over rogue actors' use of the emerging technology.
In recent months several cyber watchdog groups have published reports warning about the hypothetical risks of AI - especially the fast-advancing language processing programs known as large language models (LLMs), which draw on vast volumes of text to craft convincing-sounding dialogue, documents and more.
In March, Europol published a report saying that models such as OpenAI's ChatGPT had made it possible "to impersonate an organisation or individual in a highly realistic manner even with only a basic grasp of the English language." The same month, Britain's National Cyber Security Centre said in a blog post that there was a risk that criminals "might use LLMs to help with cyber attacks beyond their current capabilities."
Cybersecurity researchers have demonstrated a variety of potentially malicious use cases; some now say they are beginning to see suspected AI-generated content in the wild.
Last week, a former hacker said he had discovered an LLM trained on malicious material and asked it to draft a convincing attempt to trick someone into making a cash transfer.
The LLM responded with a three-paragraph email asking its target for help with an urgent invoice.
"I understand this may be short notice, but this payment is incredibly important and needs to be done in the next 24 hours."
Khoury said that while the use of AI to draft malicious code was still in its early stages - "there's still a way to go because it takes a lot to write a good exploit" - the concern was that AI models were evolving so quickly that it was difficult to get a handle on their malicious potential before they were released into the wild.