ChatGPT-3 and now ChatGPT-4 — What Does it Mean for Cybersecurity?

We’ve been watching the evolution of ChatGPT, particularly the addition of GPT-4 which was officially announced on March 13, as of now, however, it’s only available in the ChatGPT Plus paid subscription. The current free version of ChatGPT will still be based on GPT-3.5, which is less accurate and capable by comparison. To start this blog post let’s start with a broad, simple definition of the chatbot, “ChatGPT is an application trained to draw on massive pools of data to answer diverse queries in an informal manner – similar to how we’d conduct a text or in-person conversation with a friend or co-worker.” However, acting like Alexa is just the start of its capabilities. ChatGPT can also admit mistakes, challenge incorrect premises, and reject inappropriate requests. An interesting read on where this technology may be headed is in this article written prior to GPT-4 being released, “The Future Of Cybersecurity With ChatGPT.” The article also provides the history of the creation of the chatbot and what many cybersecurity industry experts thought of the technology.

Let’s continue this post by walking through the differences between GPT-3 and GPT-4.

ChatGPT-4 has officially been announced, confirming the longtime rumors around its improvements to the already awe-inspiring language skills of OpenAI’s ChatGPT. OpenAI calls it the company’s “most advanced system, producing safer and more useful responses.”

ChatGPT is a state-of-the-art language model that makes it feel like you are communicating with a person rather than a machine. With its ability to understand the intent and fulfill users’ needs, ChatGPT is already making waves in the technology industry. 

GPT-4 is the fourth iteration of the GPT (Generative Pre-training Transformer) language model, developed by OpenAI, which shows a massive leap in natural language processing (NLP). This model, with its ability to understand and generate human-like text, has the potential to revolutionize the way we interact with machines and automate various language-based tasks.

GPT-4 model can solve complex problems with greater accuracy, thanks to its broader general knowledge and problem-solving abilities.

Let’s see what ChatGPT-4 is straight from the source – https://ChatGPT4.ai/ – The first public demonstration of GPT-4 was live-streamed on YouTube – I provided you the direct YouTube link; the video shows off some of its new capabilities.

But don’t go to https://ChatGPT4.ai/ quite yet, or you’ll get the following notice:

Don’t worry; you’ll have the chance to try ChatGPT-4 either through their beta site or through a plethora of partnerships. On this page – https://ChatGPT4.ai/ChatGPT-plugins/ – you can see all organizations leveraging AI technology to search, speak with, and explore their products and services using the bot. Frankly, it’s mind-boggling how quickly this technology is being adopted not only by early adopters like engineers and software coders but also by the consumer, the student, the blog writer, and countless others.

Introducing ChatGPT-4 – What Makes it Different from its Predecessor ChatGPT-3

Meet ChatGPT-4, the newest addition to the AI chatbot family. With its advanced capabilities and improved language processing, ChatGPT4 raises the bar for natural conversation. Compared to its predecessor, ChatGPT3, ChatGPT4 boasts an increased understanding of language nuances and significantly expands its knowledge base. It can now handle complex queries, decipher slang, and even recognize emotions in text. But what sets ChatGPT4 apart is its ability to learn and adapt to new information, making each conversation more intelligent and intuitive. Try chatting with ChatGPT4 today and discover the future of AI communication.

It can answer simple questions quickly, reducing the need for lengthy manual research—saving time, and improving accuracy in the process. Compared to its predecessor, ChatGPT3, this new version is much more advanced: it understands context better. It can infer data from memory—allowing users to conduct deeper investigations into their security issues. In this blog, we will analyze how ChatGPT4 has replaced its predecessors regarding performance, features, and applicability within cybersecurity operations.

With Great Power Comes Great Responsibility – or Maybe Just Great Power

Russian-speaking cybercriminals writing one of those poorly written phishing e-mails that many of us receive multiple times per day will now have a language expert in ChatGPT-4, which will ultimately be more effective than a native writer. In seconds, they can ask ChatGPT to produce dozens of phishing messages in a matter of seconds.

SC Media, one of our favorite online publications, suggests that “attackers are already using ChatGPT to write malicious code. From malware like infostealer to ransomware, actors in underground forums are boasting about using the AI chatbot to accelerate their efforts.”

Legitimate research has also explored how ChatGPT could impact security. Security researcher Dr. Suleyman Ozarslan stated that he could utilize the program for various offensive and defensive cybersecurity tasks. These included crafting a World Cup-related email in fluent English, generating sigma detection rules to identify cybersecurity anomalies, and creating evasion code that could circumvent detection rules.

Threat Actors are Already Using ChatGPT for Malicious Purposes

Last week, cybercriminals used ChatGPTs to create a trojan version of a Chrome extension to steal Facebook accounts. According to security firm Guardio, adversaries created a malicious lookalike version of ChatGPT for Google Chrome extension called “Chat GPT for Google.” Malicious code used in the fake Google Chrome browser extension stole Facebook session cookies from victims and then used the data to compromise Facebook accounts.

Figure 1 -Thousands of Facebook accounts have been stolen due to a trojanized version of the legitimate ChatGPT extension for Google Chrome

The malicious Chrome extension was downloaded nearly 10,000 times until Google removed it from the Chrome store several days later. The malicious extension was also promoted through sponsored Google search results, targeting users searching for information about OpenAI’s new Chat GPT4 algorithm.

Cybersecurity Analysts Have Changed their Perspective on ChatGPT Dramatically 

I remember reading “How ChatGPT is changing the way cybersecurity practitioners look at the potential of AI” in SC Magazine toward the end of last year, thinking that the potential of this technology would take quite a while to develop. The article began, “In certain cybersecurity circles, it has become a running joke over the years to mock the way that vendors or LinkedIn hypes artificial intelligence and its capabilities thought leaders.”

However, many in the cybersecurity community were believers from the moment they had the opportunity to use the technology late last year. “It’s frankly influenced the way that I’ve been thinking about the role of machine learning and AI in innovations,” said Casey John Ellis, chief technology officer, founder, and chair of BugCrowd, in an interview.

SC Magazine suggested, “Ellis’ experience is similar to scores of other cybersecurity researchers who have spent the past week poking, prodding, and testing ChatGPT for its depth, sophistication, and capabilities. What they found may put more weight behind claims that artificial intelligence, or at least advanced machine learning programs, can be the disruptive and game-changing technology that has long been promised.”

With the ability to monitor millions of online interactions in real-time, ChatGPT4 provides law enforcement and security officials with vital information and the opportunity to act swiftly to prevent any possible threat. By staying ahead of potential dangers, ChatGPT4 is essential in ensuring the safety of individuals and communities.

The technology uses natural language processing and deep learning algorithms to analyze online conversations and flag potentially harmful or dangerous language. With its ability to detect potential threats in real-time, ChatGPT4 has numerous advantages over other cybersecurity solutions. Its chat interface makes it easy for individuals without technical expertise while providing a personalized and conversational experience. And with the power of AI, ChatGPT4 can even learn from past interactions and continuously improve its threat detection abilities. Overall, ChatGPT4 offers heightened security and peace of mind in an increasingly complex digital landscape.

Conclusion – Where are we Now?

ChatGPT4 utilizes state-of-the-art natural language processing to provide extra protection against cyber attacks. It can analyze chat logs and other data to identify potential threats, and organizations take proactive measures to safeguard sensitive data. 

Christopher Prewitt, CTO at Inversion,6, wrote an interesting piece in Forbes describing the four ways ChatGPT is changing cybersecurity which include:

1. AI-Directed Search – Provide ChatGPT a snippet of code, and it can give you a line-by-line walkthrough catered for a 12-year-old or a Ph.D. candidate
2. AI-Assisted Research – ChatGPT has shown the ability to understand and locate obfuscated malware code rapidly
3. AI-Augmented Operations – Through natural language processing, ChatGPT not only understands commands and reads code, but it can also provide actual insights and remediation advice, decreasing incident response times
4. AI-Powered Attacks – Threat actors are already using ChatGPT to develop malware, including polymorphic malware that mutates regularly to evade detection

We now know powerful AI tools are already available for both cyber criminals and security teams. The difference will be in which side learns to use the tools more precisely and efficiently. We’ll keep you updated concerning the progress of both sides; of course, we’ll be rooting for the good guys.