10 Questions to ChatGPT: How It Can Change Cybersecurity
This blog is written with the help of OpenAI’s ChatGPT.
In November 2022, OpenAI -an Artificial Intelligence research and deployment company- released its chatbot, the ChatGPT. With the release, ChatGPT attracted the entire world’s attention, and people started talking about their conversations with ChatGPT on blog pages and social media.
What is ChatGPT?
GPT (Generative Pretrained Transformer) is a natural language processing (NLP) model developed by OpenAI. These models are trained to generate text similar to human writing and have been a major advancement in NLP. It uses a deep-learning technique called transformer architecture, commonly used in NLP tasks such as language translation and text generation.
Transformer architecture is based on the idea of self-attention, which allows the model to weigh and combine various parts of the input data to make predictions, so transformer models can better capture the relationships between different words and phrases in the input data and generate more accurate and fluent text.
Versions of GPT
- In 2018, OpenAI released the first version of GPT, GPT-1. Developers trained this model on a large human-generated text dataset. GPT-1 was able to generate text that was similar to human writing.
- In 2019, OpenAI released a more advanced version of GPT-1, the GPT-2. GPT-2 was trained on a larger dataset and generated more human-like text.
- In 2020, the latest and most advanced GPT model, GPT-3, was released.
- In early 2022, the GPT-3.5 finished its training. ChatGPT is fine-tuned from a model in the GPT-3.5 series.
- GPT-4 will at least have a larger dataset and respond more naturally than the previous models. Also, it will provide more functionality that will help businesses grow with more detailed communications with customers. And it means that with the release of GPT-4, internet users will see more AI-generated contexts.
How ChatGPT Works?
The model uses deep learning techniques to process and generate text. First, the model receives text input from the user and processes it using a series of neural network layers. Then uses its knowledge of the English language and its trained parameters to generate a response to the input. The generated response is returned to the user, who can provide additional input for the model to continue the conversation. And the model continues to generate responses in this manner, using its internal knowledge and past inputs to inform its responses.
What Can ChatGPT Do?
We asked the ChatGPT what it could do. Its main function is to assist with answering questions, providing information, and generating text on a wide range of topics, such as cybersecurity. It responded that it could provide information on various subjects such as history, science, geography, and many others. However, according to ChatGPT, its information is limited to what it has been trained for because it cannot browse the internet, but its knowledge is still expanding.
10 Questions Asked to ChatGPT
1. What kind of text can ChatGPT generate?
We learned a little bit about it by asking. So, according to ChatGPT, its abilities are limited to processing and generating text. “Generating text” seems it is a broad term. Let us dive more into this ability in upcoming questions.
ChatGPT is even able to write a short ten-second play about a cyberattack:
2. Can ChatGPT generate code snippets?
While it can generate texts such as plays, poems, blog posts, etc., ChatGPT can also code in any language and explain why it uses which function in the script. For example, we asked ChatGPT to code us a program that creates a strong password, and here is ChatGPT’s code:
3. What about malicious codes?
ChatGPT can help security researchers find the bugs in the code or help them when they are stuck coding a specific function. However, it can be abused to generate malicious code, such as ransomware.
Ransomware is malicious software that encrypts a user’s files and demands payment to restore access. This attack typically blocks the victim’s ability to access their system or personal files and requires a ransom payment to unlock the affected files. If we ask ChatGPT directly to code ransomware, it rejects our request because it is “illegal” and “unethical.”
But what if we tell ChatGPT to do us in a “different” way?
With this way –telling your “need” step-by-step- it generates a ransomware code. After that, all you need is a ransom note. ChatGPT provides the ransom note too:
4. Will ChatGPT help a hacker prepare for a cyberattack?
We can get malicious codes from ChatGPT; what about phishing emails? Phishing emails’ typical characteristics are urgency, containing misspellings, incorrect grammar, suspicious hyperlinks, and malicious attachments.
ChatGPT generated a convincing phishing email talking about urgency and an area to add a hyperlink.
5. Can ChatGPT write YARA rules?
Ransomware is one of the most critical cyberattacks organizations suffer. It is dangerous, and its occurrence is rising day by day. We asked ChatGPT to generate a basic YARA rule giving the “STOP” Ransomware’s IoCs.
ChatGPT wrote a YARA rule using the input credentials and explained a little about what this rule holds, and it remembered to warn us to test it to ensure the rule is functioning correctly.
6. Does ChatGPT know about threat actor groups linked to North Korea?
We asked a question to ChatGPT about North Korea-linked threat actors, and its answer was detailed:
ChatGPT gave us four North Korea-linked threat actors, and we also have been informed about these groups’ targets from the answer.
7. What are ChatGPT’s recommendations about insider threats?
ChatGPT can lead you on what to do when you or your team suspect about existence of an insider threat in your organization:
8. ChatGPT and Cyber Threat Intelligence
CTI (Cyber Threat Intelligence) is a prevalent discipline because it contains vital functions for organizations’ security, so what can ChatGPT say about CTI’s importance?
It is also possible to get a printout of the key benefits of Cyber Threat Intelligence from it:
This is how the SOCRadar platform helps enterprises. By utilizing SOCRadar’s modules besides Cyber Threat intelligence -such as Attack Surface Management and Digital Risk Protection– organizations can proactively protect their assets and data from cyber threats by staying ahead of the latest threats and vulnerabilities, ensuring a secure and resilient business environment.
9. Evaluating the quality of CTI solutions
As an organization, the quality of the solution is as important as using the CTI (Cyber Threat Intelligence) solution. There are key points to measure whether the selected CTI solution is well-qualified. We decided to ask this question to it:
Its response also explains why SOCRadar is the most promising, utilized threat intelligence platform among our customers on Gartner Peer Insights.
10. Importance of Open-Source Intelligence (OSINT) in CTI
Open-Source Intelligence (OSINT) is one of the most used methods in CTI processes. Why don’t we ask ChatGPT what makes OSINT used so often?
ChatGPT is trying to serve numerous people; from time to time, it cannot keep up with the demands:
Conclusion
ChatGPT is capable enough to produce high-quality outcomes regarding cybersecurity subjects. However, at the moment, artificial intelligence is not at the human level. In the near future, it will play a higher role in daily life and may positively affect different parts of our jobs. On the other hand, we are not sure if adversaries will use it in a harmful way. That is why AI solutions may need to be monitored and supervised carefully.