Hacking Attacks Automated by AI Advancements: "Humans Can't Keep Up"
Chinese Hackers Target Over 30 Organizations Using AI
U.S. Launches Full-Scale Cyber Defense Training at Home
Security authorities around the world are on high alert after it was revealed that a Chinese hacker group exploited generative artificial intelligence (AI) to carry out large-scale, automated cyberattacks. Since more than 90% of the hacking operations can be performed solely by AI without human involvement, there is a growing possibility that both the scale and frequency of cyberattacks will increase rapidly in the future. The U.S. military, recognizing the significant risk of cyberattacks on domestic military bases and infrastructure in the event of a crisis, has begun training to prepare for AI-driven hacking attacks.
Chinese Hackers Exploit Entropic AI for Large-Scale Cyberattacks
Anthropic, a U.S.-based AI company, revealed in a report released on November 13 (local time) that “the Chinese-backed hacker group ‘GTG-1002’ exploited Anthropic’s AI-based code automation tool, ClaudeCode, to launch large-scale cyberattacks.” The company stated, “From mid-September, over a period of about ten days, they simultaneously attacked more than 30 organizations worldwide, and some of these organizations suffered breaches.”
This is the first time that the use of AI-based automation programs in large-scale cyberattacks has been confirmed. Previously, cybercrimes mainly involved using AI like ChatGPT to write malicious code or create phishing pages. As a result, variant programs such as ‘WormGPT,’ an AI model specifically developed for phishing, and ‘FraudGPT,’ specialized in generating malware, have become problematic.
However, in the case of the GTG-1002 cyberattack, the vast majority of the hacking operations were carried out by AI automation programs rather than humans. According to Anthropic, the group used ClaudeCode to automate most of the hacking process, including reconnaissance of targets, vulnerability analysis, creating infiltration routes, and manipulating necessary personal information. Anthropic reported, “It appears that over 80-90% of the hacking operations were automated using AI,” and “Human intervention was limited to the final approval stage for accessing sensitive systems and exfiltrating data.”
It has also been reported that the AI itself analyzed account information and data obtained from infiltrated systems after the cyberattack, and even automatically generated summary reports on the information and experiences gained during the process. Anthropic emphasized, “Such AI-driven automated cyberattacks could rapidly spread not only to large organizations and institutions, but also to small and medium-sized organizations, making it urgent to shift our response strategies.” The company added, “It is critical to develop AI-based automated defense systems to prepare for AI-automated cyberattacks.”
U.S. Military Trains for AI Attacks Since September: "Speeds Humans Cannot Match"
The U.S. Army and National Guard undergoing cyberattack training. Photo by U.S. National Guard website
View original imageWith AI-based automated cyberattacks expected to become more frequent, the United States began full-scale network defense training in September, involving the Army, National Guard, and local governments. This is because, in the event of a crisis, key domestic infrastructure such as electricity and gas could suffer significant damage if exposed to AI-driven cyberattacks.
In particular, the Virginia National Guard conducted an experiment to assess how well human experts could respond to attacks by AI-based automation programs. The teams were divided into an AI attack team and a human defense team. The result was that the human defense team failed to counter the AI attack team’s offensive and was unable to defend the network. Andre Slonopas, the operations officer who led the exercise, told Defense News, “We did not encrypt the traffic so we could observe the AI attacker’s methods. Even though the human defense team knew exactly who the adversary was and what they were doing, they lost,” adding, “The speed of AI’s indiscriminate attacks was unbelievably fast, making it impossible for the human defense team to keep up.”
Hot Picks Today
!["Rather Than Endure a 1.5 Million KRW Stipend, I'd Rather Earn 500 Million in the U.S." Top Talent from SNU and KAIST Are Leaving [Scientists Are Disappearing] ①](https://cwcontent.asiae.co.kr/asiaresize/93/2026051914165468840_1779167814.png)
"Rather Than Endure a 1.5 Million KRW Stipend, I'd Rather Earn 500 Million in the U.S." Top Talent from SNU and KAIST Are Leaving [Scientists Are Disappearing] ①
- "Not Jealous of Winning the Lottery"... Entire Village Stunned as 200 Million Won Jackpot of Wild Ginseng Cluster Discovered at Jirisan
- "I'll Stop by Starbucks Tomorrow": People Power Chungbuk Committee and Geoje Mayoral Candidate Face Criticism for Alleged 5·18 Demeaning Remarks
- Iranian Military: "Ceasefire Was an Opportunity to Strengthen Forces...We Treated It Like Wartime"
- "How Did an Employee Who Loved Samsung End Up Like This?"... Past Video of Samsung Electronics Union Chairman Resurfaces
In response to AI’s indiscriminate attacks, the U.S. military is accelerating the development of the ‘Ask Sage’ defensive AI platform. This program also blocks external AI chatbot programs such as ChatGPT and DeepSeek, preventing user data and prompts from being leaked externally. Nicholas Chaillan, the developer of Ask Sage, pointed out, “Numerous cyberattacks targeting the U.S. military are ongoing,” and “China, in particular, is leveraging AI in cyberattacks more aggressively than any other country, which makes stronger countermeasures necessary.”
© The Asia Business Daily(www.asiae.co.kr). All rights reserved.
