ChatGPT为何成为网络安全“双刃剑”?
ChatGPT成为近期最火爆的科技话题,包括谷歌和百度在内的多个科技巨头都宣布了开发同类产品的计划。然而,全球许多网络安全公司和专家也提出警告——ChatGPT可能对网络安全造成威胁。
CGTN记者郭梅平对话网络安全专家,探讨ChatGPT可能对互联网安全带来的威胁和助力作用。
As the artificial intelligence (AI)-powered chatbot ChatGPT gains traction, tech giants like Google and Baidu have announced their plans to make similar AI tools.
However, many cybersecurity companies and experts worldwide have warned that ChatGPT could pose a cybersecurity threat.
“最大的危害可能是虚假信息”
"The biggest harm is probably disinformation," Zhang Chao, associate professor of Institute for Network Science and Cyberspace at Tsinghua University, told CGTN.
He said that ChatGPT is powerful enough to generate a paragraph with clarity and logic, making it hard for a layman to tell whether the content is real.
ChatGPT could be misused by cyber attackers to write malware, said Zhang, adding that the model could also pose unique security threats.
"I can train it by feeding it certain questions and guide it to give right or wrong answers. Eventually, I can make it a slightly malicious program that gives tendentious answers," he said.
Zhang Chao, associate professor of Institute for Network Science and Cyberspace at Tsinghua University. /CGTN
On the other hand, ChatGPT can be used for identifying potential risks and even generating defensive strategies.
网络安全:攻防双方都还在对ChatGPT进行探索
The professor noted that the rapid development of ChatGPT-like systems benefit both defenders and attackers, making confrontation more intense.
"ChatGPT is currently being used by both sides, both in an exploratory phase," he said.
Zhang said that ChatGPT has made a generational leap. "A simple analogy is to say that the AI models in the past were maybe at the level of an elementary school student. Now this AI model, ChatGPT, is actually at the level of a college student."
The professor said that ChatGPT now has some ability to digest and write organized and human-like content, which was completely out of reach before.
"The difference is that ChatGPT has a much larger amount of data. If previous AI models have a billion data parameters, then ChatGPT has a hundred billion of them," Zhang told CGTN, adding that another innovation of ChatGPT is the adoption of human intervention.
"Some news reports have said that companies employ thousands of people to train the model," he said. "They introduced the process of 'human-in-the-loop' to the model. Therefore, all the strategic models can work much better than just learning from data."
Some Chinese cybersecurity companies, including Qi-AnXin Technology, have made plans to train their security models based on ChatGPT-related technologies.
Li Jianping, director of Qi-AnXin Hufu Think Tank. /CGTN
"We have done some training on ChatGPT-like models after the app was released," Li Jianping, director of Qi-AnXin Hufu Think Tank, told CGTN.
"At the primary stage, the models are mainly used to develop internal security products, helping our engineers improve product quality," Li said.
The company and its peers have found out that it can help attackers identify security lapses and exploit them faster.
"In the past, it would take attackers days or longer to find loopholes and use them," Li said, adding that the time could be shortened to several minutes with ChatGPT, making internet protection much more difficult.
The expert said ChatGPT-like tools can also lower the capability threshold for attackers.
"Previously, malware required strong capabilities, but with the help of ChatGPT, a person can write malware with very little coding knowledge," he said.
The expert told CGTN that the company participated in an AI security-related project recently launched by the National Industrial Information Security Development Research Center to provide protection to AI with their technology.
"We hope that AI can be applied more widely in the security industry to improve the efficiency and effectiveness of security protection," said the expert.
Technology is a double-edged sword. Just like ChatGPT, it can be both helpful and harmful to internet security. What's your take on it?
科技是一把双刃剑。就像ChatGPT一样,它可以用于保险或损害互联网安全。
你对它的态度是什么呢?