Sophos explores using ChatGPT to tackle cyberthreats


By Dylan Bushell-Embling
Wednesday, 22 March, 2023
Sophos explores using ChatGPT to tackle cyberthreats

Cybersecurity company Sophos has released new research demonstrating how the generative AI technology behind ChatGPT can be used to fight cybercrime.

The research details pilot projects developed using the GPT-3 large language models to simplify the search for malicious activity in data from security software, more accurately filter spam and speed up analysis of “living off the land” attacks.

For example, the GPT-3 AI model can be developed to filter malicious activity in XDR Telemetry datasets, Sophos found. The company tested the model against its endpoint detection and response product to allow defenders to filter the data with basic English commands.

Sophos researchers were also able to adapt the technology to simplify the process for reverse-engineering the command lines of living off the land technologies known aS LOLBins, a process notoriously difficult to pull off.

Sophos Principal Threat Researcher Sean Gallagher said the research demonstrates that generative AI can be used by both sides of the security fence.

“Since OpenAI unveiled ChatGPT back in November, the security community has largely focused on the potential risks this new technology could bring,” he said.

“Can the AI help wannabee attackers write malware or help cybercriminals write much more convincing phishing emails? Perhaps, but, at Sophos, we’ve long seen AI as an ally rather than an enemy for defenders, making it a cornerstone technology for Sophos, and GPT-3 is no different.”

He said the findings demonstrate that the security community should be paying attention not just to the potential risks, but the potential opportunities GPT-3 brings.

“We are already working on incorporating some of the prototypes above into our products, and we’ve made the results of our efforts available on our GitHub for those interested in testing GPT-3 in their own analysis environments,” Gallagher said.

“In the future, we believe that GPT-3 may very well become a standard co-pilot for security experts.”

Image credit: iStock.com/marchmeena29

Related News

Australian ransomware payments average at $9.27 million

Data from Sophos suggests that Australian businesses falling victim to a ransomware attack...

Akamai launches zero trust platform

Akamai's new Guardicore platform combined Zero Trust Network Access with microsgmentation to...

Veeam buys ransomware response company Coveware

Veeam has arranged to augment its cyber extortion incident response capabilities with the...

Content from other channels on our network

Designing cellular antennas into small IoT products

Govt funds telco resilience tech, responds to LEOSat report

Extreme enclosure heli-lifted into an extreme environment

Cyber secured at critical network device level has never been more important

Cradlepoint 'Vehicle as a Node' is the Next Frontier for Emergency Services

Australian researchers launch global misinformation database

Broadcom revamps and simplifies VMware portfolio

Central Highlands Water chooses Infor for ERP

The benefits and risks of AI usage in the public sector

Cobalt Iron earns patent on analytics-based dynamic authorisation control

Embracing the Future: The imperative for digitisation and condition monitoring in industrial and mobile equipment

When does a conductor not conduct?

Purdue-created tech makes 3D microscopes easier to use

Cracking the code on spin currents

Recyclable circuit board turns to jelly for disassembly

  • All content Copyright © 2024 Westwick-Farrow Pty Ltd