Back to Blogs

How ChatGPT can increase cyber risk

We recently sent a note to our network that was 100% generated by AI-platform ChatGPT1. This is a remarkable AI tool making headlines for its ability to generate amazing content with minimum input in seconds. It has wide application in marketing, education, research, software development, etc. 

 

Unfortunately, it can also be a great tool for hackers, which is why I wanted to flag this as a potential new business risk.

 

How can ChatGPT be a risk?

Leading cybersecurity firm Checkpoint Software, published a blog2 explaining how the team instructed ChatGPT to write a convincing phishing email and malware code to be embedded in an Excel file. Any ambitious hacker could take this approach and send this malware-containing Excel file disguised as an invoice, payment instructions, financial account summary, a net worth statement etc to any unsuspecting user. If the user opened the file, the malware code would run and provide the hacker access - a nightmare scenario for any business. While the process still takes effort and some knowledge, the blog shows how much of the heavy lifting is done by the AI.

 

While cybersecurity tools are important, employees are supposed to be the first line of defence for businesses, and unfortunately, stats show that 1 in 3 employees fall victim to phishing emails.3 Malware-based emails were up 217% in Q3/224, and the financial sector is the most targeted business sector, so I suspect there will be more headlines bringing attention to this issue in 2023.

 

How does SideDrawer address this concern?

  • Eliminate 100% of sensitive information from email into a secure, collaborative vault platform that can only be accessed by authorized users (no open file sharing links)

  • Reduce email volume by over 30% driving employee efficiency from less time checking/managing email, thereby reducing click-bait risk

  • Saving over an hour per day from tedious document related admin which can become monotonous, causing frustration or distraction and increasing risk

  • Ability for your clients to utilize SideDrawer for their own businesses, allowing you to seamlessly offer an additional cybersecurity value add to your clients

  • Since the general public is becoming more aware of cyber risks, demonstrating your attention to cyber security further adds credibility to your practice

Here are some additional resources to learn more, or share with your staff and clients:

  1. ChatGPT background
  2. Checkpoint Software's Research blog on ChatGPT
  3. Research paper on employee behaviour around phishing emails
  4. Stats on phishing emails and sectors 
  5. Microsoft's page on Business Email Compromise