Security Update News
Update Information
| Title | Report on the Malicious Uses of AI |
|---|---|
| Update ID | SCHNEIER:5E234DEAB51AB40364844941E1447E73 |
| Type | schneier |
| Published | 2025-06-06T14:41:13 |
| Last Updated | 2025-06-06T14:41:13 |
Security Impact
| CVSS Score | 0.0 |
|---|---|
| Severity | NONE |
| Attack Vector |
Affected CVEs
Update Details
> By using AI as a force multiplier for our expert investigative teams, in the three months since our last report we’ve been able to detect, disrupt and expose abusive activity including social engineering, cyber espionage, deceptive employment schemes, covert influence operations and scams.
>
> These operations originated in many parts of the world, acted in many different ways, and focused on many different targets. A significant number appeared to originate in China: Four of the 10 cases in this report, spanning social engineering, covert influence operations and cyber threats, likely had a Chinese origin. But we’ve disrupted abuses from many other countries too: this report includes case studies of a likely task scam from Cambodia, comment spamming apparently from the Philippines, covert influence attempts potentially linked with Russia and Iran, and deceptive employment schemes.
Reports like these give a brief window into the ways AI is being used by malicious actors around the world. I say “brief” because last year the models weren’t good enough for these sorts of things, and next year the threat actors will run their AI models locally–and we won’t have this kind of visibility.
_Wall Street Journal_ article (also here). Slashdot thread.