As the artificial intelligence (AI)-powered chatbot ChatGPT gains traction, tech giants like Google and Baidu have announced their plans to make similar AI tools.

However, many cybersecurity companies and experts worldwide have warned that ChatGPT could pose a cybersecurity threat. 

"The biggest harm is probably disinformation," Zhang Chao, associate professor of Institute for Network Science and Cyberspace at Tsinghua University, told CGTN.

He said that ChatGPT is powerful enough to generate a paragraph with clarity and logic, making it hard for a layman to tell whether the content is real.

ChatGPT could be misused by cyber attackers to write malware, said Zhang, adding that the model could also pose unique security threats.

"I can train it by feeding it certain questions and guide it to give right or wrong answers. Eventually, I can make it a slightly malicious program that gives tendentious answers," he said.

On the other hand, ChatGPT can be used for identifying potential risks and even generating defensive strategies.

The professor noted that the rapid development of ChatGPT-like systems benefit both defenders and attackers, making confrontation more intense.

"ChatGPT is currently being used by both sides, both in an exploratory phase," he said. 

Zhang said that ChatGPT has made a generational leap. "A simple analogy is to say that the AI models in the past were maybe at the level of an elementary school student. Now this AI model, ChatGPT, is actually at the level of a college student."

The professor said that ChatGPT now has some ability to digest and write organized and human-like content, which was completely out of reach before.

"The difference is that ChatGPT has a much larger amount of data. If previous AI models have a billion data parameters, then ChatGPT has a hundred billion of them," Zhang told CGTN, adding that another innovation of ChatGPT is the adoption of human intervention.

"Some news reports have said that companies employ thousands of people to train the model," he said. "They introduced the process of 'human-in-the-loop' to the model. Therefore, all the strategic models can work much better than just learning from data."

Some Chinese cybersecurity companies, including Qi-AnXin Technology, have made plans to train their security models based on ChatGPT-related technologies.

"We have done some training on ChatGPT-like models after the app was released," Li Jianping, director of Qi-AnXin Hufu Think Tank, told CGTN.

"At the primary stage, the models are mainly used to develop internal security products, helping our engineers improve product quality," Li said. 

The company and its peers have found out that it can help attackers identify security lapses and exploit them faster. 

"In the past, it would take attackers days or longer to find loopholes and use them," Li said, adding that the time could be shortened to several minutes with ChatGPT, making internet protection much more difficult.

The expert said ChatGPT-like tools can also lower the capability threshold for attackers.

"Previously, malware required strong capabilities, but with the help of ChatGPT, a person can write malware with very little coding knowledge," he said.

The expert told CGTN that the company participated in an AI security-related project recently launched by the National Industrial Information Security Development Research Center to provide protection to AI with their technology.

"We hope that AI can be applied more widely in the security industry to improve the efficiency and effectiveness of security protection," said the expert.

Technology is a double-edged sword. Just like ChatGPT, it can be both helpful and harmful to internet security. What's your take on it?

Videographer: Guo Huakang, Qi Jianqiang

Video editor: Guo Meiping

Cover image: Yu Peng