The cybersecurity firm Darktrace has warned that since the release of ChatGPT it has seen an increase in criminals using artificial intelligence to create more sophisticated scams to con employees and hack into businesses.
The Cambridge-based company, which reported a 92% drop in operating profits in the half year to the end of December, said AI was further enabling “hacktivist” cyber-attacks using ransomware to extort money from businesses.
The company said it had seen the emergence of more convincing and complex scams by hackers since the launch of the hugely popular Microsoft-backed AI tool ChatGPT last November.
“Darktrace has found that while the number of email attacks across its own customer base remained steady since ChatGPT’s release, those that rely on tricking victims into clicking malicious links have declined while linguistic complexity, including text volume, punctuation and sentence length among others, have increased,” the company said.
“This indicates that cybercriminals may be redirecting their focus to crafting more sophisticated social engineering scams that exploit user trust.”
However, Darktrace said that the phenomenon had not yet resulted in a new wave of cybercriminals emerging, merely changing the tactics of the existing cohort.
“ChatGPT has [not] yet lowered barriers to entry for threat actors significantly, but it does believe that it may have helped increase the sophistication of phishing emails, enabling adversaries to create more targeted, personalised, and ultimately, successful attacks,” the company said.
Darktrace also warned in its results that it had seen a “noticeable” slowdown in businesses signing up for its security products in the final three months of last year. It attributed the drop in its operating profits in the last six months of 2022 to a tax bill relating to the vesting of share awards for its chief executive, Poppy Gustafsson, and finance boss, Cathy Graham, which had forced it to reduce its forecast of free cashflow this year.
The company, whose market capitalisation of £1.9bn is far from the heady highs of almost £7bn months after flotation, said it had increased its customer base by a quarter year-on-year from 6,573 to 8,178 in the six months to the end of December.
Darktrace, which has been subjected to a barrage of criticism from short-sellers unconvinced that it can deliver on its aim of becoming a potential European superpower in the US-dominated cybersecurity space, said it was not concerned by the recent slump in new business.
“Although there has been a slowdown in new customer wins, I am pleased that our investments in retaining customers and increasing the value of both new and existing contracts are paying off,” said Gustafsson, who pointed to 36% year-on-year growth in revenues in the six months to the end of December.
“Our business continues to deliver against a challenging macro-economic backdrop, with continued strong year-on-year revenue growth.”