It is a new war, whose name is not pronounced. China on Sunday accused the United States of orchestrating a cyberattack against its National Time Center, a strategic institution responsible for synchronizing the country’s official time. This accusation occurs in a particularly tense geopolitical context between both powers, both diplomatically and economically and technologically.
But the United States is not committed on a single front… and its adversaries are doubling down on their ingenuity. According to a new Microsoft study, China, but also Russia, Iran and North Korea, have significantly increased the use of artificial intelligence to deceive Internet users and carry out cyberattacks against the United States.
Last July, the company identified more than 200 cases of foreign actors using AI to create false content online, more than double the number in 2024 and ten times the number in 2023. Published Thursday in Microsoft’s annual report on digital threats, this finding illustrates how these powers are exploiting artificial intelligence as a new instrument of espionage and disinformation.
In this way, AI allows them to automate their cyberattacks, perfect their manipulation campaigns and infiltrate sensitive systems. It is also used to enhance phishing emails or create fake profiles of official officials. These operations aim to steal confidential data, disrupt public services or spread false information. Certain groups, motivated by profit or supported by states such as Russia, are among the main actors in these global attacks.
“The main objective of cyber attacks”
According to the Microsoft report, the United States remains the main target of cyberattacks, ahead of Israel and Ukraine. Criminals and foreign actors take advantage of American companies, governments, and organizations more than anywhere else.
On October 15, for example, the American company F5 (provider of network solutions for federal agencies, editor’s note) confirmed an intrusion of state origin. A few days later, between October 18 and 19, the FBI and other federal institutions were victims of a massive data leak orchestrated by the group “The Com”, exposing information from intelligence agents and the Department of Justice.
Last June, the US Department of Homeland Security warned of the risk of digital retaliation for US attacks on Iranian nuclear facilities, fearing a wave of pro-Iranian cyberattacks on energy, transportation and defense networks. CISA and the NSA had even considered scenarios of coordinated operations between Iran and Russia, “relying on ransomware and denial of service campaigns.”
Accusations dismissed as a whole
For their part, Russia, China and Iran deny having carried out offensive cyber operations. China even accuses the United States of “smearing” Beijing, while carrying out its own attacks. In a statement to the Associated Press, Iran’s mission to the UN said: “The Islamic Republic of Iran does not launch any type of offensive cyber operations against any state. However, as a victim of cyber operations, it will respond to any such threat in a manner proportionate to its nature and scale.”
North Korea uses AI-created US identities to apply for remote tech jobs, allowing the regime to pocket salaries and hackers to steal secrets or install malware. North Korean hackers are also using blockchain smart contracts to install malware. A technique, called EtherHiding, that the Google Threat Intelligence Group has detected and finds very difficult to thwart.
“Cyberspace is a game of cat and mouse. Access, data, information, money — that’s what they’re looking for,” Nicole Jiang, CEO of Fable, a San Francisco-based security company that uses artificial intelligence to detect fake employees, told the Associated Press.
Several other major attacks have been attributed to a North Korean group, called Lazarus, considered one of the most elusive in the world. Active since 2009, he became known for the hack of Sony Pictures in 2014 and then for the theft of $81 million from Bangladesh’s central bank in 2016, an operation carefully prepared over a year. However, no attack on US assets has been formally demonstrated, leaving some doubt.
Source: BFM TV
