4. Malicious Actors & Misuse
Risks created by deliberate malicious use of AI tools and capabilities.
4. Malicious Actors & Misuse
Ability to enhance and modify pathogens
AI can be used to enhance pathogens, making them more lethal or resistant to treatments.
4. Malicious Actors & Misuse
Ability to persuade
AI could be used to develop sophisticated tools to manipulate and persuade individuals.
4. Malicious Actors & Misuse
Abuse & Misuse
The potential for AI systems to be used maliciously or irresponsibly, including for creating deepfakes, automated cyber attacks, or invasive surveillance systems. Specifically denotes intentional use of AI for harm.
4. Malicious Actors & Misuse
Academic Misconduct
Improper use (i.e., abuse) of LLM systems will cause adverse social impacts, such as academic misconduct.
4. Malicious Actors & Misuse
Acquisition of a goal to harm society
Cases of AI systems being given the outright goal of harming humanity (e.g., ChaosGPT).
4. Malicious Actors & Misuse
Advertising-driven models
AI models and systems underpin the advertising approaches that drive much of the internet, potentially influencing societal behavior.
4. Malicious Actors & Misuse
AI enables development of weapons of mass destruction
AI is already enabling the development of weapons which could cause mass destruction, including new weapons that themselves use AI capabilities, such as Lethal Autonomous Weapons [2], and the potential use of AI to speed up the development of other potentially dangerous technologies, such as engineered pathogens (as discussed in Section 2).
4. Malicious Actors & Misuse
AI in totalitarian regimes
AI-based surveillance and manipulation could be used to maintain global totalitarian regimes.
4. Malicious Actors & Misuse
AI is used to scale up production of false and misleading information
At the same time, we are seeing how AI can be used to scale up the production of convincing yet false or misleading information online (e.g. via image, audio, and text synthesis models like BigGAN [6] and GPT-3 [7]).
4. Malicious Actors & Misuse
AI-Assisted Software Vulnerability Discovery
A common element in offensive cyber operations involves the identification and exploitation of system vulnerabilities to gain unauthorized access or control. Until recently, these activities required specialist programming knowledge. In the case of ‘zero-day’ vulnerabilities (flaws or weaknesses in software or an operating system that the creator or vendor is not aware of), considerable resources and technical creativity are typically required to manually discover such vulnerabilities, so their use is limited to well-resourced nation states or technically sophisticated advanced persistent threat groups. Another case where we see AI assistants as potential double-edged swords in cybersecurity concerns streamlining vulnerability discovery through the increased use of AI assistants in penetration testing, wherein an authorized simulated cyberattack on a computer system is used to evaluate its security and identify vulnerabilities. Cyber AI assistants built on foundation models are already automating aspects of the penetration testing process. These tools function interactively and offer guidance to penetration testers during their tasks. While the capability of today’s AI-powered penetration testing assistants is limited to easy-to-medium-difficulty cyber operations, the evolution in capabilities is likely to expand the class of vulnerabilities that can be identified by these systems. These same AI cybersecurity assistants, trained on the massive amount of cyber-threat intelligence data that includes vulnerabilities and attack patterns, can also lower the barrier to entry for novice hackers who use these tools for malicious purposes, enabling them to discover vulnerabilities and create malicious code to exploit them without in-depth technical knowledge. For example, Israeli security firm Check Point recently discovered threads on well-known underground hacking forums that focus on creating hacking tools and code using AI assistants.
4. Malicious Actors & Misuse
AI-based tools attacking critical infrastructure
Critical infrastructure can also be damaged without AI integration, for instance when AI-based tools are used indirectly to aid such actions, as in coordinated power outages caused by large-scale user manipulation [159].
4. Malicious Actors & Misuse
AI-driven highly personalized advertisement
Advanced GPAI systems can create advertisements tailored to individual recipients, exploiting the biases and irrational beliefs of each recipient. Such advertisements can cause consumers to make decisions they regret in retrospect, or would regret upon more reflection. Current versions of personalized video advertisements already show better results compared to regular advertisements [110]. However, the widespread use of highly personalized advertisements raises concerns about undermining consumer autonomy and exacerbating social inequality.
4. Malicious Actors & Misuse
AI-driven spear phishing attacks
Generative models can be misused to target individual users more efficiently by using personalized information [23]. Highly convincing automated fraudulent schemes can exploit the trust of victims by extracting sensitive data and making the deception more likely to succeed. For example, in LLMs, this misuse can be aided by jailbreaking techniques [178].
4. Malicious Actors & Misuse
AI-Powered Spear-Phishing at Scale
Phishing is a type of cybersecurity attack wherein attackers pose as trustworthy entities to extract sensitive information from unsuspecting victims or lure them to take a set of actions. Advanced AI systems can potentially be exploited by these attackers to make their phishing attempts significantly more effective and harder to detect. In particular, attackers may leverage the ability of advanced AI assistants to learn patterns in regular communications to craft highly convincing and personalized phishing emails, effectively imitating legitimate communications from trusted entities. This technique, known as ‘spear phishing,’ involves targeted attacks on specific individuals or organizations and is particularly potent due to its personalized nature. This class of cyberattacks often gains its efficacy from the exploitation of key psychological principles, notably urgency and fear, which can manipulate victims into hastily reacting without proper scrutiny. Advanced AI assistants’ increased fidelity in adopting specific communication styles can significantly amplify the deceptive nature of these phishing attacks. The ability to generate tailored messages at scale that engineer narratives that invoke a sense of urgency or fear means that AI-powered phishing emails could prompt the recipient to act impulsively, thus increasing the likelihood of a successful attack.
4. Malicious Actors & Misuse
AI's persuasive capabilities are misused to gain influence and promote harmful ideologies
As AI capabilities advance, they may be used to develop sophisticated persuasion tools, such as those that tailor their communication to specific users to persuade them of certain claims [42]. While these tools could be used for social good, such as the New York Times’ chatbot that helps users to persuade people to get vaccinated against Covid-19 [27], there are also many ways they could be misused by self-interested groups to gain influence and/or to promote harmful ideologies.
4. Malicious Actors & Misuse
Amplification of cyberattacks
General-purpose AI models may significantly enhance the magnitude and effectiveness of cyberattacks, by amplifying existing capabilities or resources of malicious actors [3]. For example, GPAI models may be employed to: • Automatically scan open-source codebases and compiled binaries for potential vulnerabilities • Apply known exploits flexibly and at scale (e.g., identifying vulnerable computers based on subtle cues in response times or output formats) • Assist with different aspects of cyberattacks, including planning, reconnaissance, exploit searching, remote control, malware implementation, and data exfiltration • Combine social engineering (phishing, deepfakes, etc.) with cyberattacks at scale.
4. Malicious Actors & Misuse
Appropriated Likeness
Use or alter a person's likeness or other identifying features
4. Malicious Actors & Misuse
Assisting code generation for cyber security threats
Anticipated risk: Creators of the assistive coding tool Copilot, based on GPT-3, suggest that such tools may lower the cost of developing polymorphic malware, which is able to change its features in order to evade detection [37].
4. Malicious Actors & Misuse
Authoritarian Surveillance, Censorship, and Use (General)
While new technologies like advanced AI assistants can aid in the production and dissemination of decision-guiding information, they can also enable and exacerbate threats to production and dissemination of reliable information and, without the proper mitigations, can be powerful targeting tools for oppression and control. Increasingly capable general-purpose AI assistants combined with our digital dependence in all walks of life increase the risk of authoritarian surveillance and censorship. In parallel, new sensors have flooded the modern world. The internet of things, phones, cars, homes, and social media platforms collect troves of data, which can then be integrated by advanced AI assistants with external tool-use and multimodal capabilities to assist malicious actors in identifying, targeting, manipulating, or coercing citizens.
4. Malicious Actors & Misuse
Authoritarian Surveillance, Censorship, and Use: Authoritarian Surveillance and Targeting of Citizens
Authoritarian governments could misuse AI to improve the efficacy of repressive domestic surveillance campaigns. Malicious actors will recognize the power of AI targeting tools. AI-powered analytics have transformed the relationship between companies and consumers, and they are now doing the same for governments and individuals. For example, AI assistants can be used to identify and target individuals for surveillance or harassment. They may also be used to manipulate people’s behavior, such as by microtargeting them with political ads or fake news. In the wrong hands, advanced AI assistants with multimodal and external tool-use capabilities can be powerful targeting tools for oppression and control. The broad circulation of personal data cuts in both directions. On the one hand, it drives commercial innovation and can make our lives more convenient. On the other hand, it creates vulnerabilities and the risk of misuse. Without the proper policies and technical security and privacy mechanisms in place, malicious actors can exploit advanced AI assistants to harvest data on companies, individuals, and governments. There have already been reported incidents of nation-states combining widely available commercial data with data acquired illicitly to track, manipulate, and coerce individuals. Advanced AI assistants can exacerbate these misuse risks by allowing malicious actors to more easily link disparate multimodal data sources at scale and exploit the ‘digital exhaust’ of personally identifiable information (PII) produced as a byproduct of modern life.
4. Malicious Actors & Misuse
Authoritarian Surveillance, Censorship, and Use: Delegation of Decision-Making Authority to Malicious Actors
Finally, the principal value proposition of AI assistants is that they can either enhance or automate decision-making capabilities of people in society, thus lowering the cost and increasing the accuracy of decision-making for its user. However, benefiting from this enhancement necessarily means delegating some degree of agency away from a human and towards an automated decision-making system—motivating research fields such as value alignment. This introduces a whole new form of malicious use which does not break the tripwire of what one might call an ‘attack’ (social engineering, cyber offensive operations, adversarial AI, jailbreaks, prompt injections, exfiltration attacks, etc.). When someone delegates their decision-making to an AI assistant, they also delegate their decision-making to the wishes of the agent’s actual controller. If that controller is malicious, they can attack a user—perhaps subtly—by simply nudging how they make decisions into a problematic direction. Fully documenting the myriad of ways that people—seeking help with their decisions—may delegate decision-making authority to AI assistants, and subsequently come under malicious influence, is outside the scope of this paper. However, as a motivation for future work, scholars must investigate different forms of networked influence that could arise in this way. With more advanced AI assistants, it may become logistically possible for one, or a few AI assistants, to guide or control the behavior of many others. If this happens, then malicious actors could subtly influence the decision-making of large numbers of people who rely on assistants for advice or other functions. Such malicious use might not be illegal, would not necessarily violate terms of service, and may be difficult to even recognize. Nonetheless, it could generate new forms of vulnerability and needs to be better understood ahead of time for that reason.
4. Malicious Actors & Misuse
Automated discovery and exploitation of software systems
GPAIs can be used to aid in the automated discovery of software vulnerabilities [33]. This can empower malicious actors, making their cyberattacks more efficient and potentially more damaging. This type of automation allows attackers to expand the scale of their operations at a low cost, increasing the impact of their actions. New malware can be developed automatically, or known vulnerabilities can be exploited to create more sophisticated attacks.
4. Malicious Actors & Misuse
Automatically generating disinformation at scale
Disinformation (in various modalities: text, audio, images, video, etc.) can be generated with minimal human oversight and effort. Disinformation tools are relatively cheap and their technology is widely available. Such deployments can be particularly widespread in sensitive political contexts.
4. Malicious Actors & Misuse
Believability
Deepfakes can impose real social injuries on their subjects when they are circulated to viewers who think they are real. Even when a deepfake is debunked, it can have a persistent negative impact on how others view the subject of the deepfake.
4. Malicious Actors & Misuse
Biased influence through citizen screening and tailored propaganda
AI-powered chatbots tailor their communication approach to influence individual users' decisions. In the UK, an early form of computational propaganda already occurred during the Brexit referendum. In the future, there are concerns that oppressive governments could use AI to shape citizens' opinions.
4. Malicious Actors & Misuse
Biological and chemical attacks
Growing evidence shows that general-purpose AI advances are beneficial to science while also lowering some barriers to chemical and biological weapons development for both novices and experts. New language models can generate step-by-step technical instructions for creating pathogens and toxins that surpass plans written by experts with a PhD, and surface information that experts struggle to find online, though their practical utility for novices remains uncertain. Other models demonstrate capabilities in engineering enhanced proteins and analysing which candidate pathogens or toxins are most harmful. Experts could potentially use these in developing both more advanced weapons and defensive measures.
4. Malicious Actors & Misuse
Biological and Chemical Risks
The dual-use nature of AI technology presents a critical risk by significantly lowering technical thresholds for malicious non-state actors to design, synthesize, acquire, and deploy CBRNE (Chemical, Biological, Radiological, Nuclear, and Explosive) weapons. This capability poses unprecedented challenges to national security, international non-proliferation regimes, and global security governance.
4. Malicious Actors & Misuse
Biological Risks
Biological risks encompass the dangerous modification of pathogens and unethical manipulation of genetic material, potentially leading to unforeseen biohazardous outcomes.
4. Malicious Actors & Misuse
Biosecurity Threats
The potential misuse of general purpose AI models also extends to biosecurity threats. Biological weapons are generally understood as biological toxins or infectious agents such as viruses that are intentionally released to cause disease and death. General purpose AI models could facilitate the production of biological weapons, by reducing barriers through access to critical knowledge or increasingly automated assistance, and thus enable more malicious actors.
4. Malicious Actors & Misuse
Bioterrorism
AIs with knowledge of bioengineering could facilitate the creation of novel bioweapons and lower barriers to obtaining such agents.
4. Malicious Actors & Misuse
Business operations/infrastructure damage
Business operations/infrastructure damage - Damage, disruption, or destruction of a business system and/or its components due to malfunction, cyberattacks, etc.
4. Malicious Actors & Misuse
Catastrophic risk due to autonomous weapons programmed with dangerous targets
AI could enable autonomous vehicles, such as drones, to be utilized as weapons. Such threats are often underestimated.
4. Malicious Actors & Misuse
CBRN
Chemical, biological, radiological, and nuclear (CBRN) risks are broad classes of threats that have the potential to cause harm to a large number of people. Explosives are also sometimes included in this category, often referred to as CBRNE...The key characteristic of CBRN risk is that it stems from misuse of capable models with a direct pathway to harm, where a malicious actor is able to carry out consequential attacks more efficiently and effectively with the help of AI.
4. Malicious Actors & Misuse
CBRN Information or Capabilities
Eased access to or synthesis of materially nefarious information or design capabilities related to chemical, biological, radiological, or nuclear (CBRN) weapons or other dangerous materials or agents.
4. Malicious Actors & Misuse
Cheating / plagiarism
Use of generative AI in an academic setting to either cheat or plagiarize
4. Malicious Actors & Misuse
Cheating/plagiarism
Cheating/plagiarism - Use of another person’s or group’s words or ideas without consent and/or acknowledgement.
4. Malicious Actors & Misuse
Chemical Risks
Chemical risks involve the exploitation of agents to synthesize chemical weapons, as well as the creation or release of hazardous substances during autonomous chemical experiments. This category also includes the risks arising from the use of advanced materials, such as nanomaterials, which may have unknown or unpredictable chemical properties.
4. Malicious Actors & Misuse
Child sexual abuse material (CSAM)
Create sexually explicit material depicting children
4. Malicious Actors & Misuse
Civic and political harms
Political harms emerge when “people are disenfranchised and deprived of appropriate political power and influence” [186, p. 162]. These harms arise in the domain of government and concern how algorithmic systems govern through individualized nudges or micro-directives [187], which may destabilize governance systems, erode human rights, be used as weapons of war [188], and enact surveillant regimes that disproportionately target and harm people of color.
4. Malicious Actors & Misuse
Coercion / manipulation
Use of a technology system to covertly alter user beliefs and behaviour using nudging, dark patterns and/or other opaque techniques
4. Malicious Actors & Misuse
Coercion/manipulation
Coercion/manipulation - Use of a technology system to covertly alter user beliefs and behaviour using nudging, dark patterns and/or other opaque techniques, resulting in potential erosion of privacy, addiction, anxiety/distress, etc.
4. Malicious Actors & Misuse
Cognitive risks (Risks of usage in launching cognitive warfare)
AI can be used to make and spread fake news, images, audio, and videos; propagate content of terrorism, extremism, and organized crimes; interfere in the internal affairs of other countries, social systems, and social order; and jeopardize the sovereignty of other countries.
4. Malicious Actors & Misuse
Counterfeit
Reproduce or imitate an original work, brand, or style and pass it off as real
4. Malicious Actors & Misuse
Cyber
As the programming abilities of AI systems continue to expand, frontier AI is likely to significantly exacerbate existing cyber risks. Most notably, AI systems can be used by potentially anyone to create faster-paced, more effective, and larger-scale cyber intrusions via tailored phishing methods or replicating malware. Frontier AI’s effect on the overall balance between cyber offence and defence is uncertain, as these tools also have many applications in improving the cybersecurity of systems, and defenders are mobilising significant resources to utilise frontier AI for defensive purposes. In the future, we may see AI systems both conducting and defending against cyberattacks with reduced human oversight at each step.
4. Malicious Actors & Misuse
Cyber Attacks
Hackers can obtain malicious code in a low-cost and efficient manner to automate cyber attacks with powerful LLM systems.
4. Malicious Actors & Misuse
Cyber offence
General-purpose AI systems could uplift the cyber expertise of individuals, making it easier for malicious users to conduct effective cyber-attacks, as well as providing a tool that can be used in cyber defence. General-purpose AI systems can be used to automate and scale some types of cyber operations, such as social engineering attacks.
4. Malicious Actors & Misuse
Cyber offence
Attackers are beginning to use general-purpose AI for offensive cyber operations, presenting growing but currently limited risks. Current systems have demonstrated capabilities in low- and medium-complexity cybersecurity tasks, with state-sponsored threat actors actively exploring AI to survey target systems. Malicious actors of varying skill levels can leverage these capabilities against people, organisations, and critical infrastructure such as power grids.
4. Malicious Actors & Misuse
Cyber offense
Cyber risks, especially in the context of cyber offense, are an existing threat that may be exacerbated by AI. [108] demonstrated that teams of LLM agents can exploit zero-day vulnerabilities when given a description of the vulnerability and toy capture-the-flag problems. While cyber risks are not typically regarded as catastrophic, [3] argues that cyberwarfare is an underappreciated risk that poses a credible threat of catastrophic harm.
4. Malicious Actors & Misuse
Cyber Offense Risks
AI-enabled cyber offense poses a significant cyber domain security risk by fundamentally transforming the scale, sophistication, and accessibility of cyber-attacks. Unlike traditional cyber threats, AI enables both the automation of existing attack vectors and the creation of entirely new categories of offensive capabilities that can adapt and evolve in real-time. AI can automate and enhance cyber-attacks, including vulnerability discovery and exploitation, password cracking, malicious code generation, sophisticated phishing, network scanning, and social engineering. This could dramatically lower the barrier to entry for attackers while increasing the complexity of defense. Such malicious use could lead to critical infrastructure paralysis, widespread data breaches, and substantial economic losses.
4. Malicious Actors & Misuse
Cyber-offense
The model can discover vulnerabilities in systems (hardware, software, data). It can write code for exploiting those vulnerabilities. It can make effective decisions once it has gained access to a system or network, and skilfully evade threat detection and response (both human and system) whilst focusing on a specific objective. If deployed as a coding assistant, it can insert subtle bugs into the code for future exploitation.
4. Malicious Actors & Misuse
Cyberattack
The ability of LLMs to write reasonably good-quality code at extremely low cost and incredible speed can equally facilitate malicious attacks. In particular, malicious hackers can leverage the low cost of LLMs to assist with performing and automating cyberattacks.
4. Malicious Actors & Misuse
Cyberattacks
Generative AI facilitating the damage, disruption, or destruction of a third-party system and/or its components via malfunction, cyberattacks, etc.
4. Malicious Actors & Misuse
Cybercrime
Closely related to discussions surrounding security and harmful content, the field of cybersecurity investigates how generative AI is misused for fraudulent online activities. A particular focus lies on social engineering attacks, for instance by utilizing generative AI to impersonate humans, creating fake identities, cloning voices, or crafting phishing messages. Another prevalent concern is the use of LLMs for generating malicious code or hacking.
4. Malicious Actors & Misuse
Cybercrime
The increasingly advanced capabilities and availability of general purpose AI models could be misused for improvements in efficiency and efficacy of cyber crimes. This is especially true for crimes that leverage IT systems, such as fraud (“cyber crime in the broader sense”).
4. Malicious Actors & Misuse
Cybersecurity
LLMs may exacerbate cybersecurity risks in various ways (Newman, 2024). Firstly, LLMs may significantly amplify the effectiveness of deceptive operations aimed at tricking people into disclosing sensitive information or granting adversary access to critical resources. For example, LLMs might prove highly effective at crafting personalized phishing emails or messages at scale that may be harder for an average user to recognize as phishing attempts (Karanjai, 2022; Hazell, 2023). In addition to being directly harmful to the targeted individual, such ‘social engineering’ attacks are often the base of larger hacking operations (Plachkinova and Maurer, 2018; Salahdine and Kaabouch, 2019).
4. Malicious Actors & Misuse
Cyberspace risks (Risks of abuse for cyberattacks)
AI can be used in launching automatic cyberattacks or increasing attack efficiency, including exploring and making use of vulnerabilities, cracking passwords, generating malicious codes, sending phishing emails, network scanning, and social engineering attacks. All these lower the threshold for cyberattacks and increase the difficulty of security protection.
4. Malicious Actors & Misuse
Dangerous use
Generative AI models might be used with the sole intention of harming people.
4. Malicious Actors & Misuse
Data Security Risk
Just as every other type of individual and organization has explored possible use cases for generative AI products, so too have malicious actors. This could take the form of facilitating or scaling up existing threat methods, for example drafting actual malware code, business email compromise attempts, and phishing attempts. This could also take the form of new types of threat methods, for example mining information fed into the AI’s learning model dataset or poisoning the learning model dataset with strategically bad data. We should also expect that there will be new attack vectors that we have not even conceived of yet made possible or made more broadly accessible by generative AI.
4. Malicious Actors & Misuse
Deception
AI has become very good at creating fake content, from text to photos, audio, and video. The term ‘deepfake’ refers to content that is fake at such a level of complexity that our mind rules out the possibility that it is fake.
4. Malicious Actors & Misuse
Deception - Synthetic identities
GenAI can produce images of people that look very real, as if they could be seen on platforms like Facebook, Twitter, or Tinder. Although these individuals do not exist in reality, these synthetic identities are already being used in malicious activities (see Table 1D).
4. Malicious Actors & Misuse
Deepfake Technology
AI employed to produce convincing counterfeit visuals, videos, and audio clips that give the impression of authenticity
4. Malicious Actors & Misuse
Defamation
Facilitating slander, defamation, or false accusations
4. Malicious Actors & Misuse
Defamation / libel / slander
Use of a technology system to create, facilitate or amplify false perception(s) about an individual, group or organisation
4. Malicious Actors & Misuse
Defamation/libel/slander
Defamation/libel/slander - Use of a technology system to create, facilitate or amplify false perception(s) about an individual, group, or organisation.
4. Malicious Actors & Misuse
Dehumanisation/objectification
Dehumanisation/objectification - Use or misuse of a technology system to depict and/or treat people as not human, less than human, or as objects.
4. Malicious Actors & Misuse
Democratizing access to dual-use technologies
Access to dual-use technologies can become easier because of GPAI model proliferation (in particular, open-source or open-weights models). Non-experts can use such dual-use-capable systems at a minimal cost [194, 100]. Improved model capabilities also contribute to dual-use risks posed by malicious actors. For example, an open-source base model for generating high quality sequence data can be modified to generate candidate protein sequences for toxin synthesis [29].
4. Malicious Actors & Misuse
Developments in AI enable actors to undermine democratic processes
Developments in AI are giving companies and governments more control over individuals’ lives than ever before, and may possibly be used to undermine democratic processes. We are already seeing how the collection of large amounts of personal data can be used to surveil and influence populations, for example the use of facial recognition technology to surveil Uighur and other minority populations in China [66]. Further advances in language modelling could also be used to develop tools that can effectively persuade people of certain claims [42].
4. Malicious Actors & Misuse
Diminishing societal trust due to disinformation or manipulation
The use of GPAIs may contribute to the proliferation of either deliberate disinformation or unintended misinformation, which can severely erode trust in public figures and democratic institutions. This diminishing trust can extend to other forms of media, making the public less informed.
4. Malicious Actors & Misuse
Dishonesty - Targeted harassment
LLMs can be deployed to target individuals online, sending them personalized and harmful messages at scale
4. Malicious Actors & Misuse
Disinformation
Bad actors can also use generative AI tools to produce adaptable content designed to support a campaign, political agenda, or hateful position and spread that information quickly and inexpensively across many platforms.
4. Malicious Actors & Misuse
Disinformation
These evaluations assess an LLM's ability to generate misinformation that can be propagated to deceive, mislead, or otherwise influence the behaviour of a target (Liang et al., 2022).
4. Malicious Actors & Misuse
Disinformation and Influence Operations
In addition to unintentional degradation of the information environment (discussed in the section on Societal Harms above), frontier AI can be misused to deliberately spread false information to create disruption, persuade people on political issues, or cause other forms of harm or damage.
4. Malicious Actors & Misuse
Disinformation and manipulation of public opinion
AI, particularly general-purpose AI, can be maliciously used for disinformation (351), which for the purpose of this report refers to false information that was generated or spread with the deliberate intent to mislead or deceive. General-purpose AI-generated text can be indistinguishable from genuine human-generated material (352, 353), and may already be disseminated at scale on social media (354). In addition, general-purpose AI systems can be used to not only generate text but also fully synthetic or misleadingly altered images, audio, and video content. General-purpose AI tools might be used to persuade and manipulate people, which could have serious implications for political processes. General-purpose AI systems can be used to generate highly persuasive content at scale. This could, for example, be used in a commercial setting for advertising, or during an election campaign to influence public opinion.
4. Malicious Actors & Misuse
Domain-Specific Misuses
Improvements in LLMs may exert greater pressure to apply LLMs to various domains, such as health and education (Eloundou et al., 2023). Crude efforts to use LLMs in such domains, however, may incur harm and should be strongly discouraged. In particular, it is important to guard against different ways in which LLMs may be misused within any domain. One famous episode of misuse within the health sector is a mental health non-profit experimenting with LLM-based therapy on its users without their informed consent (Xiang, 2023a). Within the education sector, LLMs may be misused in various ways that might impact student learning, e.g. as a cheating accessory by students or as a (low-quality) evaluator of students' work by instructors (Cotton et al., 2023). Recent findings in moral psychology also suggest that LLMs can generate moral evaluations that people perceive as superior to human judgments; these could be misused to create compelling yet harmful moral guidance (Aharoni et al., 2024). Similar risks of misuse may exist in other domains as well.
4. Malicious Actors & Misuse
Driving opinion manipulation
AI assistants may facilitate large-scale disinformation campaigns by offering novel, covert ways for propagandists to manipulate public opinion. This could undermine the democratic process by distorting public opinion and, in the worst case, increasing skepticism and political violence.
4. Malicious Actors & Misuse
Dual use science risks
General-purpose AI systems could accelerate advances in a range of scientific endeavours, from training new scientists to enabling faster research workflows. While these capabilities could have numerous beneficial applications, some experts have expressed concern that they could be used for malicious purposes, especially if further capabilities are developed soon before appropriate countermeasures are put in place. There are two avenues by which general-purpose AI systems could, speculatively, facilitate malicious use in the life sciences: firstly by providing increased access to information and expertise relevant to malicious use, and secondly by increasing the ceiling of capabilities, which may enable the development of more harmful versions of existing threats or, eventually, lead to novel threats (404, 405).
4. Malicious Actors & Misuse
Dual Use Science risks
Frontier AI systems have the potential to accelerate advances in the life sciences, from training new scientists to enabling faster scientific workflows. While these capabilities will have tremendous beneficial applications, there is a risk that they can be used for malicious purposes, such as for the development of biological or chemical weapons.
4. Malicious Actors & Misuse
Dual-Use Capabilities Enable Malicious Use and Misuse of LLMs
Like all technologies, LLMs have the possibility for misuse by malicious actors. Malicious use of dual-use capabilities of AI is a recurring concern within the literature (Brundage et al., 2018; Hendrycks et al., 2023; Mozes et al., 2023).
4. Malicious Actors & Misuse
Dual-use nature
AI’s potential for both beneficial and harmful applications complicates efforts to manage its societal impacts effectively.
4. Malicious Actors & Misuse
Dual-Use Science
LLMs have scientific capabilities that can be used to cause harm (e.g., providing step-by-step instructions for conducting malicious experiments)
4. Malicious Actors & Misuse
Economic manipulation
Generative AI facilitating targeted manipulation of public opinion for economic purposes (e.g., inflating stock prices)
4. Malicious Actors & Misuse
Education - Learning
In contrast to traditional machine learning, the impact of generative AI in the educational sector receives considerable attention in the academic literature. Alongside issues stemming from the difficulty of distinguishing student-generated from AI-generated content, which creates various opportunities to cheat in online or written exams, sources emphasize the potential benefits of generative AI in enhancing learning and teaching methods, particularly in relation to personalized learning approaches. However, some papers suggest that generative AI might lead to reduced effort or laziness among learners. Additionally, a significant focus in the literature is on the promotion of literacy and education about generative AI systems themselves, such as by teaching prompt engineering techniques.
4. Malicious Actors & Misuse
Elections
This category addresses responses that contain factually incorrect information about electoral systems and processes, including in the time, place, or manner of voting in civic elections.
4. Malicious Actors & Misuse
Electoral interference
Electoral interference - Generation of false or misleading information that can interrupt or mislead voters and/or undermine trust in electoral processes.
4. Malicious Actors & Misuse
Enabling malicious actors and harmful actions
Some uses of AI have been deeply concerning, namely voice cloning [58] and the generation of deep fake videos [59]. For example, in March 2022, in the early days of the Russian invasion of Ukraine, hackers broadcast via the Ukrainian news website Ukraine 24 a deep fake video of President Volodymyr Zelensky capitulating and calling on his soldiers to lay down their weapons [60]. The necessary software to create these fakes is readily available on the Internet, and the hardware requirements are modest by today’s standards [61]. Other nefarious uses of AI include accelerating password cracking [62], enabling otherwise unskilled people to create software exploits [63, 64], or crafting effective phishing e-mails [65]. Although some believe that powerful AI models should be prevented from running on personal computers to retain some control, others demonstrate how futile that effort may be [66]. Furthermore, as ChatGPT-type systems evolve from conversational systems to agents, capable of acting autonomously and performing tasks with little human intervention, like Auto-GPT [67], new risks emerge.
4. Malicious Actors & Misuse
Facilitating fraud, scam and targeted manipulation
Anticipated risk: LMs can potentially be used to increase the effectiveness of crimes.
4. Malicious Actors & Misuse
Facilitating fraud, scams and more targeted manipulation
LM prediction can potentially be used to increase the effectiveness of crimes such as email scams, which can cause financial and psychological harm. While LMs may not reduce the cost of sending a scam email - the cost of sending mass emails is already low - they may make such scams more effective by generating more personalised and compelling text at scale, or by maintaining a conversation with a victim over multiple rounds of exchange.
4. Malicious Actors & Misuse
Failures in or misuse of intermediary (non-AGI) AI systems, resulting in catastrophe
Deployment of “prepotent” AI systems that are non-general but capable of outperforming human collective efforts on various key dimensions; → Militarization of AI enabling mass attacks using swarms of lethal autonomous weapons systems; → Military use of AI leading to (intentional or unintentional) nuclear escalation, either because machine learning systems are directly integrated in nuclear command and control systems in ways that result in escalation or because conventional AI-enabled systems (e.g., autonomous ships) are deployed in ways that result in provocation and escalation; → Nuclear arsenals serving as an arsenal “overhang” for advanced AI systems; → Use of AI to accelerate research into catastrophically dangerous weapons (e.g., bioweapons).
4. Malicious Actors & Misuse
Falsification
Fabricate or falsely represent evidence, incl. reports, IDs, documents
4. Malicious Actors & Misuse
Financial and business
Financial and Business - Use or misuse of a technology system in a manner that damages the financial interests of an individual or group, or which causes strategic, operational, legal or financial harm to a business or other organisation.
4. Malicious Actors & Misuse
Financial and Economic Damage
Then, we have the potential for financial loss, fraud, market manipulation, and other economic harms, which fall under “Financial and Economic Damage.”
4. Malicious Actors & Misuse
Fine-tuning related (Ease of reconfiguring GPAI models)
GPAI models are often easily reconfigured for various use cases or have competencies beyond the intended use [78, 225]. Reconfiguration can be performed either by changing the weights of the model (e.g., fine-tuning) or by modifying only the model inputs (e.g., prompt engineering, jailbreaking, retrieval-augmented generation). It can be intentional (with the help of adversarial inputs) or unintentional (from unanticipated inputs to the model).
4. Malicious Actors & Misuse
Fine-tuning related (Harmful fine-tuning of open-weights models)
Models with publicly available weights can be fine-tuned for harmful activities by bad actors, using significantly fewer resources (in terms of time and money) compared to the original training cost [115, 78].
4. Malicious Actors & Misuse
Fraud
Facilitating fraud, cheating, forgery, and impersonation scams
4. Malicious Actors & Misuse
Generation of personalized content for harassment, extortion, or intimidation
GPAIs can be misused for the automated generation of content personalized to target select individuals based on their weak spots [30]. Such attacks may be more efficient and more successful in achieving the goals of harassment, extortion, or intimidation.
4. Malicious Actors & Misuse
Generative AI use in political influence campaigns
GPAI tools can be used in automation and scaling of influence campaigns [178]. Public opinion may be manipulated by targeted misleading or manipulative information. This can lead to rising political polarization and diminishing trust in public institutions.
4. Malicious Actors & Misuse
GPAI assisted impersonation
GPAI outputs are not always correctly detected as AI-generated across multiple modalities (text, images, audio, video). A malicious actor can use GPAI outputs directly when communicating, or use AI-informed details to help construct a convincing impersonation (e.g., forging of supporting documents). Even if future countermeasures prove potent enough to detect GPAI-generated content, the risk remains if the countermeasures are not well known or are difficult to access.
4. Malicious Actors & Misuse
Harassment, Impersonation, and Extortion
Deepfakes and other AI-generated content can be used to facilitate or exacerbate many of the harms listed throughout this report, but this section focuses on one subset: intentional, targeted abuse of individuals.
4. Malicious Actors & Misuse
Harm to individuals through fake content
General-purpose AI systems can be used to increase the scale and sophistication of scams and fraud, for example through general-purpose AI-enhanced ‘phishing’ attacks. General-purpose AI can be used to generate fake compromising content featuring individuals without their consent, posing threats to individual privacy and reputation.
4. Malicious Actors & Misuse
Harm to individuals through fake content
Malicious actors can use general-purpose AI to generate fake content that harms individuals in a targeted way. For example, they can use such fake content for scams, extortion, psychological manipulation, generation of non-consensual intimate imagery (NCII) and child sexual abuse material (CSAM), or targeted sabotage of individuals and organisations.
4. Malicious Actors & Misuse
Harmful Content Generation at Scale (General)
While harmful content like child sexual abuse material, fraud, and disinformation are not new challenges for governments and developers, without the proper safety and security mechanisms, advanced AI assistants may allow threat actors to create harmful content more quickly, accurately, and with a longer reach. In particular, concerns arise in relation to the following areas: - Multimodal content quality: Driven by frontier models, advanced AI assistants can automatically generate much higher-quality, human-looking text, images, audio, and video than prior AI applications. Currently, creating this content often requires hiring people who speak the language of the population being targeted. AI assistants can now do this much more cheaply and efficiently. - Cost of content creation: AI assistants can substantially decrease the costs of content creation, further lowering the barrier to entry for malicious actors to carry out harmful attacks. In the past, creating and disseminating misinformation required a significant investment of time and money. AI assistants can now do this much more cheaply and efficiently. - Personalization: Advanced AI assistants can reduce obstacles to creating personalized content. Foundation models that condition their generations on personal attributes or information can create realistic personalized content which could be more persuasive. In the past, creating personalized content was a time-consuming and expensive process. AI assistants can now do this much more cheaply and efficiently.
4. Malicious Actors & Misuse
Harmful Content Generation at Scale: Fraudulent Services
Malicious actors could leverage advanced AI assistant technology to create deceptive applications and platforms. AI assistants with the ability to produce markup content can assist malicious users with creating fraudulent websites or applications at scale. Unsuspecting users may fall for AI-generated deceptive offers, thus exposing their personal information or devices to risk. Assistants with external tool use and third-party integration can enable fraudulent applications that target widely-used operating systems. These fraudulent services could harvest sensitive information from users, such as credit card numbers, account credentials, or personal data stored on their devices (e.g., contact lists, call logs, and files). This stolen information can be used for identity theft, financial fraud, or other criminal activities. Advanced AI assistants with third-party integrations may also be able to install additional malware on users’ devices, including remote access tools, ransomware, etc. These devices can then be joined to a command-and-control server or botnet and used for further attacks.
4. Malicious Actors & Misuse
Harmful Content Generation at Scale: Non-Consensual Content
The misuse of generative AI has been widely recognized in the context of harms caused by non-consensual content generation. Historically, generative adversarial networks (GANs) have been used to generate realistic-looking avatars for fake accounts on social media services. More recently, diffusion models have enabled a new generation of more flexible and user-friendly generative AI capabilities that are able to produce high-resolution media based on user-supplied textual prompts. It has already been recognized that these models can be used to create harmful content, including depictions of nudity, hate, or violence. Moreover, they can be used to reinforce biases and subject individuals or groups to indignity. There is also the potential for these models to be used for exploitation and harassment of citizens, such as by removing articles of clothing from pre-existing images or memorizing an individual’s likeness without their consent. Furthermore, image, audio, and video generation models could be used to spread disinformation by depicting political figures in unfavorable contexts. This growing list of AI misuses involving non-consensual content has already motivated debate around what interventions are warranted for preventing misuse of AI systems. Advanced AI assistants pose novel risks that can amplify the harm caused by non-consensual content generation. Third-party integration, tool-use, and planning capabilities can be exploited to automate the identification and targeting of individuals for exploitation or harassment. Assistants with access to the internet and third-party tool-use integration with applications like email and social media can also be exploited to disseminate harmful content at scale or to microtarget individuals with blackmail.
4. Malicious Actors & Misuse
Hazardous Biological and Chemical Technologies
AI systems such as LLMs, chemical LLMs (Skinnider et al., 2021; Moret et al., 2023), and other LLM-based biological design tools might soon facilitate the production of bioweapons, chemical weapons, and other hazardous technologies. In particular, LLMs might enable actors with less expertise to more easily synthesize dangerous pathogens, while customized chemical and biological design tools might be more concerning in terms of expanding the capabilities of sophisticated actors (e.g. states) (Sandbrink, 2023). Gopal et al. (2023) and Soice et al. (2023) demonstrated that people with little background could use LLMs to help make progress towards developing pathogens such as the 1918 pandemic influenza. However, recent studies suggest that current LLMs are not more helpful than internet search in this regard (Mouton et al., 2024; Patwardhan et al., 2024).
4. Malicious Actors & Misuse
High-impact misuses and abuses beyond original purpose
Since general-purpose AI systems have a large repertoire of capabilities, malicious actors such as foreign actors can use such systems to cause large damage if they gain unrestricted or unmonitored access to those AI systems.
4. Malicious Actors & Misuse
Illegal Activities
This category focuses on illegal behaviors, which could cause negative societal repercussions. LLMs need to distinguish between legal and illegal behaviors and have basic knowledge of law.
4. Malicious Actors & Misuse
Illegitimate surveillance and censorship
Anticipated risk: Mass surveillance previously required millions of human analysts [83], but is increasingly being automated using machine learning tools [7, 168]. The collection and analysis of large amounts of information about people creates concerns about privacy rights and democratic values [41, 173,187]. Conceivably, LMs could be applied to reduce the cost and increase the efficacy of mass surveillance, thereby amplifying the capabilities of actors who conduct mass surveillance, including for illegitimate censorship or to cause other harm.
4. Malicious Actors & Misuse
Illegitimate surveillance and censorship
The collection of large amounts of information about people for the purpose of mass surveillance has raised ethical and social concerns, including risk of censorship and of undermining public discourse (Cyphers and Gebhart, 2019; Stahl, 2016; Véliz, 2019). Sifting through these large datasets previously required millions of human analysts (Hunt and Xu, 2013), but is increasingly being automated using AI (Andersen, 2020; Shahbaz and Funk, 2019).
4. Malicious Actors & Misuse
Impact on education: bypassing learning
Easy access to high-quality generative models might result in students using AI models to bypass the learning process.
4. Malicious Actors & Misuse
Impact on education: plagiarism
Easy access to high-quality generative models might result in students using AI models to plagiarize existing work, intentionally or unintentionally.
4. Malicious Actors & Misuse
Impersonation
Assume the identity of a real person and take actions on their behalf
4. Malicious Actors & Misuse
Impersonation / identity theft
Theft of an individual, group or organisation’s identity by a third-party in order to defraud, mock or otherwise harm them or another party
4. Malicious Actors & Misuse
Impersonation/identity theft
Impersonation/identity theft - Theft of an individual, group or organisation’s identity by a third-party in order to defraud, mock or otherwise harm them.
4. Malicious Actors & Misuse
Indiscriminate weapons (CBRNE)
This category addresses responses that enable, encourage, or endorse the creation of indiscriminate weapons (colloquially known as weapons of mass destruction).
4. Malicious Actors & Misuse
Indiscriminate Weapons (CBRNE)
Acceptable responses may describe the creation or use of or contain information about indiscriminate weapons. Unacceptable responses will enable, encourage, or endorse the creation of indiscriminate weapons, such as the following: • Chemical weapons (e.g., nerve gas) • Biological weapons (e.g., anthrax) • Radiological weapons (e.g., cobalt bombs) • Nuclear weapons (e.g., fission bombs) • High-yield explosive weapons (e.g., cluster munitions)
4. Malicious Actors & Misuse
Influence operations
Facilitating large-scale disinformation campaigns and targeted manipulation of public opinion
4. Malicious Actors & Misuse
Information
Large-scale influence on communication and information systems, and epistemic processes more generally.
4. Malicious Actors & Misuse
Information Integrity
Lowered barrier to entry to generate and support the exchange and consumption of content which may not distinguish fact from opinion or fiction or acknowledge uncertainties, or could be leveraged for large-scale dis- and mis-information campaigns.
4. Malicious Actors & Misuse
Information Manipulation
Generative AI tools can and will be used to propagate content that is false, misleading, biased, inflammatory, or dangerous. As generative AI tools grow more sophisticated, it will be quicker, cheaper, and easier to produce this content, and existing harmful content can serve as the foundation to produce more.
4. Malicious Actors & Misuse
Information Manipulation
The distortion of the information ecosystem, including the spread of misinformation, fake news, and other forms of deceptive content [28], is categorized as “Information Manipulation.”
4. Malicious Actors & Misuse
Information Security
Lowered barriers for offensive cyber capabilities, including via automated discovery and exploitation of vulnerabilities to ease hacking, malware, phishing, offensive cyber operations, or other cyberattacks; increased attack surface for targeted cyberattacks, which may compromise a system’s availability or the confidentiality or integrity of training data, code, or model weights.
4. Malicious Actors & Misuse
Informational and Communicational AI Risks
Informational and communicational AI risks refer particularly to informational manipulation through AI systems that influence the provision of information (Rahwan, 2018; Wirtz & Müller, 2019), AI-based disinformation and computational propaganda, as well as targeted censorship through AI systems that use correspondingly modified algorithms and thus restrict freedom of speech.
4. Malicious Actors & Misuse
Institutional trust loss
Erosion of trust in public institutions and weakened checks and balances due to mis/disinformation, influence operations, or real or perceived misuse of generative AI
4. Malicious Actors & Misuse
IP / copyright / personality / rights loss
Misuse or abuse of an individual or organisation’s intellectual property, including copyright, trademarks, and patents; and loss of or restrictions to the rights of an individual to control the commercial use of their identity, such as name, image, likeness, or other unequivocal identifiers.
4. Malicious Actors & Misuse
IP/copyright loss
IP/copyright loss - Misuse or abuse of an individual or organisation’s intellectual property, including copyright, trademarks, and patents.
4. Malicious Actors & Misuse
Large-Scale Persuasion and Harmful Manipulation Risks
AI systems can be gravely misused to distort public perception and compromise social stability through the generation of synthetic content (e.g., deepfakes, sophisticated fake news) and the strategic manipulation of digital platforms with large user bases to disseminate or precisely target misleading information or ideologies.
4. Malicious Actors & Misuse
Lethal Autonomous Weapons (LAW)
What is debated as an ethical issue is the use of LAW — AI-driven weapons that fully autonomously take actions that intentionally kill humans.
4. Malicious Actors & Misuse
Lethal Autonomous Weapons Systems (LAWS)
LAWS are a distinctive category of weapon systems that employ sensor arrays and computer algorithms to detect and attack a target without direct human intervention in the system’s operation
4. Malicious Actors & Misuse
Limitations in model generative accuracy
AI-generated deepfakes can create convincingly realistic but entirely fabricated information.
4. Malicious Actors & Misuse
Making disinformation cheaper and more effective
While some predict that it will remain cheaper to hire humans to generate disinformation [180], it is equally possible that LM-assisted content generation may offer a lower-cost way of creating disinformation at scale.
4. Malicious Actors & Misuse
Making disinformation cheaper and more effective
LMs can be used to create synthetic media and ‘fake news’, and may reduce the cost of producing disinformation at scale (Buchanan et al., 2021). While some predict that it will be cheaper to hire humans to generate disinformation (Tamkin et al., 2021), it is possible that LM-assisted content generation may offer a cheaper way of generating diffuse disinformation at scale.
4. Malicious Actors & Misuse
Malicious and Direct
Directly harmful objective
4. Malicious Actors & Misuse
Malicious and Indirect
Benign intermediate for harmful end objective
4. Malicious Actors & Misuse
Malicious Code Generation
Malicious code is a term for code—whether it be part of a script or embedded in a software system—designed to cause damage, security breaches, or other threats to application security. Advanced AI assistants with the ability to produce source code can potentially lower the barrier to entry for threat actors with limited programming abilities or technical skills to produce malicious code. Recently, a series of proof-of-concept attacks have shown how a benign-seeming executable file can be crafted such that, at every runtime, it makes application programming interface (API) calls to an AI assistant. Rather than just reproducing examples of already-written code snippets, the AI assistant can be prompted to generate dynamic, mutating versions of malicious code at each call, thus making the resulting vulnerability exploits difficult for cybersecurity tools to detect. Furthermore, advanced AI assistants could be used to create obfuscated code to make it more difficult for defensive cyber capabilities to detect and understand malicious activities. AI-generated code could also be quickly iterated to avoid being detected by traditional signature-based antivirus software. Finally, advanced AI assistants with source code capabilities have been found to be capable of assisting in the development of polymorphic malware that changes its behavior and digital footprint each time it is executed, making it hard for antivirus programs that rely on known virus signatures to detect. Taken together, without proper mitigation, advanced AI assistants can lower the barrier for developing malicious code, make cyberattacks more precise and tailored, further accelerate and automate cyber warfare, enable stealthier and more persistent offensive cyber capabilities, and make cyber campaigns more effective on a larger scale.
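The signature-evasion mechanism described above can be made concrete with a toy sketch (not from the source; the signature set and stand-in payload strings are invented, and no actual malicious logic is involved): a signature database flags only exact byte content, so any trivially mutated variant hashes differently and slips past.

```python
# Toy illustration of why signature-based detection fails against mutating
# code: it flags files only by exact content hash (stand-in payloads only).
import hashlib

def sha256(data: bytes) -> str:
    """Hex SHA-256 digest of a byte string."""
    return hashlib.sha256(data).hexdigest()

# Hypothetical signature database; the "payload" is a harmless stand-in.
KNOWN_BAD_SIGNATURES = {sha256(b"print('stand-in payload')")}

def is_flagged(sample: bytes) -> bool:
    """Signature check: exact-hash membership and nothing more."""
    return sha256(sample) in KNOWN_BAD_SIGNATURES

original = b"print('stand-in payload')"
mutated = b"print( 'stand-in payload' )"  # trivial rewrite, same behaviour

print(is_flagged(original))  # True: exact signature match
print(is_flagged(mutated))   # False: the mutated variant evades the check
```

This is the gap that behaviour-based and anomaly-based detection attempt to close, at the cost of more false positives.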
4. Malicious Actors & Misuse
Malicious intent
A frequent malicious use case of generative AI to harm, humiliate, or sexualize another person involves generating deepfakes of nonconsensual sexual imagery or videos.
4. Malicious Actors & Misuse
Malicious Use
AI systems reducing the costs and facilitating activities of actors trying to cause harm (e.g. fraud, weapons)
4. Malicious Actors & Misuse
Malicious Use (Intentional)
empowering malicious actors to cause widespread harm
4. Malicious Actors & Misuse
Malicious use and abuse (biosecurity threats)
Many fear that generative AI could make the creation of biological weapons easier by providing access to critical knowledge and automated assistance to a wider range of actors to engage in malicious activities.
4. Malicious Actors & Misuse
Malicious use and abuse (cyberattacks)
Generative AI can help amplify the frequency and destructiveness of cyberattacks. It has the capacity “to increase the accessibility, success rate, scale, speed, stealth, and potency of cyberattacks.” It enables the identification of critical vulnerabilities within targeted systems, facilitates the increase of the scale of cyberattacks, and accelerates the process by discovering innovative methods of system infiltration. Cyberattacks can inflict significant damage and may impact critical infrastructure, including electrical grids, financial systems, and weapons management systems.
4. Malicious Actors & Misuse
Malicious use and abuse (cybercrime)
The advanced capabilities and widespread availability of generative AI models make it possible for malicious actors to conduct harmful activities with great efficiency and on a large scale, simultaneously reducing their operational costs. Cybercriminals can “jailbreak” AI tools to generate sensitive and harmful content. They can also exploit generative AI models to create content that is persuasive and tailored to a targeted individual.
4. Malicious Actors & Misuse
Malicious use and abuse (mass surveillance)
Generative AI facilitates the automation of data analysis, offering numerous benefits, such as increased speed and the ability to process large volumes of information efficiently. Such ability significantly reduces the costs of processing unprecedented amounts of data quickly and simplifies the analysis of large-scale data related to individuals’ behaviors and beliefs. Moreover, it enhances the capability to analyze both textual and visual communications efficiently. Consequently, generative AI models improve the efficiency of real-time monitoring and censorship of social media content.
4. Malicious Actors & Misuse
Malicious use and abuse (military applications)
The advancement of AI for military purposes is rapidly ushering in a new phase of growth in military technology. Lethal Autonomous Weapons Systems (LAWS) possess the capability to detect, engage, and eliminate human targets independently, without human input. In 2020, a sophisticated AI agent surpassed experienced F-16 pilots in multiple simulated aerial combat scenarios, notably achieving a 5-0 victory against a human pilot through “aggressive and precise maneuvers” that the human could not match. Additionally, fully autonomous drones are already operational.
4. Malicious Actors & Misuse
Malicious use and abuse (sexually explicit content generation)
An illustrative case of malicious use of generative AI models is the creation of explicit sexual images. Generative AI technologies can be employed to produce deepfakes—for instance, superimposing a celebrity’s face onto the body of a performer in an adult film.
4. Malicious Actors & Misuse
Malicious Use and Unleashing AI Agents
LMs, due to their remarkable capabilities, carry the same potential for malice as other technological products. For instance, they may be used in information warfare to generate deceptive information or unlawful content, thereby having a significant impact on individuals and society. As current LMs are increasingly built as agents to accomplish user objectives, they may disregard moral and safety guidelines if operating without adequate supervision and may instead execute user commands mechanically without considering the potential damage. They might also interact unpredictably with humans and other systems, especially in open environments.
4. Malicious Actors & Misuse
Malicious use of AI
Just as AI can be used in many different fields, it is unfortunately also helpful in perpetrating digital crimes. AI-supported malware and hacking are already a reality.
4. Malicious Actors & Misuse
Malicious Use of AI
Malicious utilization of AI has the potential to endanger digital security, physical security, and political security. International law enforcement entities grapple with a variety of risks linked to the Malevolent Utilization of AI.
4. Malicious Actors & Misuse
Malicious Use Risks
As general-purpose AI covers a broad set of knowledge areas, it can be repurposed for malicious ends, potentially causing widespread harm. This section discusses some of the major risks of malicious use, but there are others, and new risks may continue to emerge. While the risks discussed in this section range widely in terms of how well-evidenced they are, and in some cases there is evidence suggesting that they may currently not be serious risks at all, we include them to provide a comprehensive overview of the malicious use risks associated with general-purpose AI systems.
4. Malicious Actors & Misuse
Malicious Uses
Harms that arise from actors using the language model to intentionally cause harm
4. Malicious Actors & Misuse
Malicious Uses
As AI assistants become more general purpose, sophisticated and capable, they create new opportunities in a variety of fields such as education, science and healthcare. Yet the rapid speed of progress has made it difficult to adequately prepare for, or even understand, how this technology can potentially be misused. Indeed, advanced AI assistants may transform existing threats or create new classes of threats altogether
4. Malicious Actors & Misuse
Manipulation
The 2016 scandal involving Cambridge Analytica is the most infamous example, where people's data were crawled from Facebook and analytics were then provided to target these people with manipulative content for political purposes. While it may not have been AI per se, it was based on similar data, and it is easy to see how AI would make this more effective.
4. Malicious Actors & Misuse
Manipulation
The predictability of behavioural protocols in AI, particularly in some applications, can act as an incentive to manipulate these systems.
4. Malicious Actors & Misuse
Manipulation of public opinion
Malicious actors can use general-purpose AI to generate fake content such as text, images, or videos, for attempts to manipulate public opinion. Researchers believe that if successful, such attempts could have several harmful consequences.
4. Malicious Actors & Misuse
Misinformation and disinformation
Ill-intentioned individuals or entities may deliberately use generative AI models to produce and spread disinformation—false or misleading information knowingly presented as if true—on a massive scale. In addition to increasing the scale and reach of disinformation, generative AI can create more convincing and targeted disinformation.
4. Malicious Actors & Misuse
Misinformation and Manipulation
Recent studies have demonstrated that LLMs can be exploited to craft deceptive narratives with levels of persuasiveness similar to human-generated content (Pan et al., 2023b; Spitale et al., 2023), to fabricate fake news (Zellers et al., 2019; Zhou et al., 2023f), and to devise automated influence operations aimed at manipulating the perspectives of targeted audiences (Goldstein et al., 2023). LLMs have also been found to be used in malicious social botnets (Yang and Menczer, 2023), powering automated accounts used to disseminate coordinated messages. More broadly, the use of LLMs for the deliberate generation of misleading information could significantly lower the barrier for propaganda and manipulation (Aharoni et al., 2024), as LLMs can generate highly credible misinformation with significant cost-savings compared to human authorship (Musser, 2023), while achieving considerable scale and speed of content generation (Buchanan et al., 2021; Goldstein et al., 2023).
4. Malicious Actors & Misuse
Misuse
The misuse class includes elements such as the potential for cyber threat actors to execute exploits with greater speed and impact or generate disinformation (such as deep fake media) at accelerated rates and effectiveness
4. Malicious Actors & Misuse
Misuse
The misuse of generative AI refers to any deliberate use that could result in harmful, unethical or inappropriate outcomes (Brundage et al., 2020). A prominent field that faces the threat of misuse is education. Cotton et al. (2023) have raised concerns over academic integrity in the era of ChatGPT. ChatGPT can be used as a high-tech plagiarism tool that identifies patterns from large corpora to generate content (Gefen & Arinze, 2023). Given that generative AI such as ChatGPT can generate high-quality answers within seconds, unmotivated students may not devote time and effort to work on their assignments and essays. Hence, in the era of generative AI, the originality of the work done by students could be difficult to assess. Text written by ChatGPT is regarded as plagiarism and is not acceptable (Thorp, 2023). Another form of misuse is cheating in examinations. If students have access to digital devices during examinations, they can resort to using ChatGPT to assist them in answering the questions. To address potential misuse in education, AI-generated content detectors such as Turnitin could be used, and strict proctoring measures may need to be deployed (Susnjak, 2022). However, the challenges go beyond content detection and examination proctoring, as the line between what is considered appropriate versus inappropriate use of ChatGPT could be fuzzy.
4. Malicious Actors & Misuse
Misuse for surveillance and population control
AI tools can be misused by human or institutional actors for monitoring, controlling, or suppressing individuals [178]. Massive data collection and automated analysis are often conducted, and AI tools can further exacerbate such practices.
4. Malicious Actors & Misuse
Misuse of AI systems to assist in the creation of weapons
AI systems may be misused to aid in the creation of weapons, such as chemical, biological, radiological, and nuclear (CBRN) weapons, or augment the abilities of existing weapons, such as providing autonomous capabilities to unmanned weapon systems. Current systems do not significantly aid a malicious actor in these tasks, but they do show early signs [117]. This risk can sometimes be mitigated with input and output filtering, but is still susceptible to adversarial techniques (such as jailbreaking or paraphrasing).
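As a rough illustration of why filtering mitigations remain susceptible to paraphrasing, consider a minimal keyword-based output filter (a sketch under strong assumptions; the blocklist terms and function name are invented stand-ins, and real safety filters are considerably more sophisticated):

```python
# Minimal sketch of keyword-based output filtering and its brittleness
# to paraphrasing; the blocklist contains harmless stand-in terms only.
BLOCKLIST = {"synthesis route", "precursor list"}  # hypothetical terms

def violates_filter(text: str) -> bool:
    """Flag text containing any blocklisted substring."""
    lowered = text.lower()
    return any(term in lowered for term in BLOCKLIST)

print(violates_filter("Here is the synthesis route you requested."))      # True: blocked
print(violates_filter("Here is the preparation pathway you requested."))  # False: paraphrase passes
```

Any phrasing outside the blocklist passes unchallenged, which is why paraphrasing and jailbreaking remain effective against filters of this kind.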
4. Malicious Actors & Misuse
Misuse of drug-discovery models
Models used for drug discovery, such as drug-target affinity prediction models, can be used to identify or develop dangerous toxins. This is particularly concerning if the training data contains information related to potentially dangerous proteins and viruses.
4. Malicious Actors & Misuse
Misuse risks
Frontier AI may help bad actors to perform cyberattacks, run disinformation campaigns and design biological or chemical weapons. Frontier AI will almost certainly continue to lower the barriers to entry for less sophisticated threat actors. We focus here on only a few important misuse risks, but this is not to downplay the importance of others.
4. Malicious Actors & Misuse
Misuse Risks
However, even if a model is entirely trustworthy and reliable, Misuse or Systemic Risks remain. General purpose AI models may present significant risks to society if this technology is misused by malicious actors to produce harmful outcomes. Misuse Risks span across Cyber Crime, Biosecurity Threats and Politically Motivated Misuse.
4. Malicious Actors & Misuse
Misuse Risks
Risks arising from intentional exploitation of AI model capabilities by malicious actors to cause harm to individuals, organisations, or society.
4. Malicious Actors & Misuse
Model diversion
Model Diversion takes model manipulation one step further by repurposing (often open-source) generative AI models in a way that diverts them from their intended functionality or from the use cases envisioned by their developers (Lin et al., 2024). An example of this is the training of the open-source BERT model on Dark Web data to create DarkBERT.
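Mechanically, the repurposing described here is often just further pretraining on a new corpus. A minimal sketch, assuming the Hugging Face transformers and datasets libraries and a harmless placeholder corpus (DarkBERT itself came from a far larger domain-adaptive pretraining run):

```python
# Sketch of domain-adaptive further pretraining, the basic recipe behind
# "model diversion". The two-sentence corpus is a harmless placeholder.
from datasets import Dataset
from transformers import (AutoModelForMaskedLM, AutoTokenizer,
                          DataCollatorForLanguageModeling, Trainer,
                          TrainingArguments)

tokenizer = AutoTokenizer.from_pretrained("bert-base-uncased")
model = AutoModelForMaskedLM.from_pretrained("bert-base-uncased")

# Stand-in for a niche domain corpus that shifts the model's distribution.
corpus = ["placeholder domain sentence one.", "placeholder domain sentence two."]
dataset = Dataset.from_dict({"text": corpus}).map(
    lambda batch: tokenizer(batch["text"], truncation=True, max_length=128),
    batched=True,
)

# Masked-language-modelling objective: the same recipe BERT was trained with.
collator = DataCollatorForLanguageModeling(tokenizer=tokenizer, mlm_probability=0.15)
args = TrainingArguments(output_dir="diverted-bert", num_train_epochs=1,
                         per_device_train_batch_size=2)
Trainer(model=model, args=args, train_dataset=dataset,
        data_collator=collator).train()
```

The point of the sketch is how generic the recipe is: nothing in the pipeline constrains what corpus the model is adapted to.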
4. Malicious Actors & Misuse
Multimodal deepfakes
Deepfakes are media that depict real or non-existent people or events, involving the use of multiple modalities (e.g., images, audio, video). They can also involve the imitation of speech or body movements of real people. Multimodal deepfakes can be used to harass, discredit, intimidate, and extort individuals.
4. Malicious Actors & Misuse
Non-consensual intimate imagery (NCII)
Create sexually explicit material using an adult person’s likeness
4. Malicious Actors & Misuse
Nonconsensual use
Generative AI models might be intentionally used to imitate people through deepfakes by using video, images, audio, or other modalities without their consent.
4. Malicious Actors & Misuse
Offensive cyber capabilities
These evaluations focus on whether an LLM possesses certain capabilities in the cyber domain. This includes whether an LLM can detect and exploit vulnerabilities in hardware, software, and data. They also consider whether an LLM can evade detection once inside a system or network and focus on achieving specific objectives.
4. Malicious Actors & Misuse
Offensive Cyber Operations (General)
Offensive cyber operations are malicious attacks on computer systems and networks aimed at gaining unauthorized access to, manipulating, denying, disrupting, degrading, or destroying the target system. These attacks can target the system’s network, hardware, or software. Advanced AI assistants can be a double-edged sword in cybersecurity, benefiting both the defenders and the attackers. They can be used by cyber defenders to protect systems from malicious intruders by leveraging information trained on massive amounts of cyber-threat intelligence data, including vulnerabilities, attack patterns, and indicators of compromise. Cyber defenders can use this information to enhance their threat intelligence capabilities by extracting insights faster and identifying emerging threats. Advanced cyber AI assistant tools can also be used to analyze large volumes of log files, system output, or network traffic data in the event of a cyber incident, and they can ask relevant questions that an analyst would typically ask. This allows defenders to speed up and automate the incident response process. Advanced AI assistants can also aid in secure coding practices by identifying common mistakes in code and assisting with fuzzing tools. However, advanced AI assistants can also be used by attackers as part of offensive cyber operations to exploit vulnerabilities in systems and networks. They can be used to automate attacks, identify and exploit weaknesses in security systems, and generate phishing emails and other social engineering attacks. Advanced AI assistants can also be misused to craft cyberattack payloads and malicious code snippets that can be compiled into executable malware files.
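The defensive log-analysis use mentioned above takes little code. A sketch assuming the openai Python package, an API key in the environment, and an illustrative model name and log excerpt (the IP address is from the documentation range):

```python
# Sketch of LLM-assisted log triage, the defensive use described above.
# Model name, prompt, and log lines are illustrative; assumes the openai
# package and an OPENAI_API_KEY set in the environment.
from openai import OpenAI

client = OpenAI()

log_excerpt = """\
Jan 12 03:14:07 host sshd[2213]: Failed password for root from 203.0.113.7
Jan 12 03:14:09 host sshd[2215]: Failed password for root from 203.0.113.7
Jan 12 03:14:12 host sshd[2218]: Accepted password for root from 203.0.113.7
"""

response = client.chat.completions.create(
    model="gpt-4o-mini",  # any capable chat model would serve here
    messages=[
        {"role": "system", "content": "You are an incident-response analyst."},
        {"role": "user",
         "content": f"Triage this auth log and flag anything suspicious:\n{log_excerpt}"},
    ],
)
print(response.choices[0].message.content)
```

The same low barrier applies symmetrically to attackers, which is the dual-use concern the entry raises.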
4. Malicious Actors & Misuse
On Purpose - Post Deployment
Just because developers might succeed in creating a safe AI doesn't mean that it will not become unsafe at some later point. In other words, a perfectly friendly AI could be switched to the dark side during the post-deployment stage. This can happen rather innocuously as a result of someone lying to the AI and purposefully supplying it with incorrect information, or more explicitly as a result of someone giving the AI orders to perform illegal or dangerous actions against others.
4. Malicious Actors & Misuse
Other ethical risks
Although we have discussed a number of common risks posed by ML systems, we acknowledge that there are many other ethical risks such as the potential for psychological manipulation, dehumanization, and exploitation of humans at scale.
4. Malicious Actors & Misuse
Personalized disinformation
Automatic generation of disinformation can be personalized to target specific groups or individuals. Such attacks can be more effective in achieving their goals, and their costs can be significantly reduced when using GPAIs.
4. Malicious Actors & Misuse
Persuasion and manipulation
These evaluations seek to ascertain the effectiveness of an LLM in shaping people's beliefs, propagating specific viewpoints, and convincing individuals to undertake activities they might otherwise avoid.
4. Malicious Actors & Misuse
Persuasive AIs
The deliberate propagation of disinformation is already a serious issue, reducing our shared understanding of reality and polarizing opinions. AIs could be used to severely exacerbate this problem by generating personalized disinformation on a larger scale than before. Additionally, as AIs become better at predicting and nudging our behavior, they will become more capable of manipulating us.
4. Malicious Actors & Misuse
Physical Harm and Injury Risks
The integration of general-purpose AI models into embodied systems creates direct physical threats through malicious exploitation of autonomous decision-making capabilities in real-world environments. The risk lies in embodied models' capacity for autonomous action and real-world interaction, and when these capabilities are maliciously exploited they may trigger a series of serious consequences.
4. Malicious Actors & Misuse
Political
In the UK, a form of initial computational propaganda has already happened during the Brexit referendum. In the future, there are concerns that oppressive governments could use AI to shape citizens’ opinions.
4. Malicious Actors & Misuse
Political and Economic
Manipulation of political beliefs, damage to political institutions and the effective delivery of government services.
4. Malicious Actors & Misuse
Political manipulation
Use or misuse of personal data to target individuals’ interests, personalities and vulnerabilities with tailored political messages via micro-advertising or deepfakes/synthetic media.
4. Malicious Actors & Misuse
Political Strategy
An LLM can take into account rich social context and undertake the social modelling and planning necessary for an actor to gain and exercise political influence.
4. Malicious Actors & Misuse
Politically motivated misuse
General purpose AI models could exacerbate existing tactics for political destabilisation, such as disinformation campaigns and surveillance efforts, if misused for political motivations. The technological advancements in text and media generation of general purpose AI models could refine disinformation attempts to shape and polarise public opinion or influence important political events. The improved automated processing of text, audio, image, and video could be used for surveillance measures and exacerbate human rights violations and repression of political opposition.
4. Malicious Actors & Misuse
Privacy
OpenAI’s GPT-3 was designed to be difficult to extract personal information from, including, for example, public figures’ dates of birth. Even so, malicious uses of AI continue to encroach on privacy, as exemplified by China’s “Sharp Eye” automated surveillance system [551] and automated cyberattacks on personal data [354]. A more drastic form of AI-enabled surveillance could be on the way in the form of nonsurgical decoding of thoughts [54], a technique which is reportedly already used by some police forces [398].
4. Malicious Actors & Misuse
Privacy and consent
Even when a victim of targeted, AI-generated harms successfully identifies a deepfake creator with malicious intent, they may still struggle to redress many harms, because the generated image or video is not of the victim but is instead a composite using aspects of multiple sources to create a believable yet fictional scene. At their core, these AI-generated images and videos circumvent traditional notions of privacy and consent: because they rely on public images and videos, like those posted on social media websites, they often don’t rely on any private information.
4. Malicious Actors & Misuse
Privacy and safety
Privacy and safety deals with the challenge of protecting the human right for privacy and the necessary steps to secure individual data from unauthorized external access. Many organizations employ AI technology to gather data without any notice or consent from affected citizens (Coles, 2018).
4. Malicious Actors & Misuse
Propaganda
LLMs can be leveraged by malicious users to proactively generate propaganda that can facilitate the spreading of a targeted message.
4. Malicious Actors & Misuse
Propaganda - Digital impersonations
AI-generated impersonation for identity theft might be found at the intersection of “Harm to the Person” and “Deception.”
4. Malicious Actors & Misuse
Purposeful or malicious harm
EAI systems present distinct physical risks due to their embodiment in the physical world. EAI technologies have already been designed and deployed with lethal intent, such as AI-controlled drones [52, 53]. However, fully autonomous military robots, often integrated with bespoke AI architectures [54, 55], are not yet widely used in combat. While highly or fully autonomous warfare is distinctly possible in the future [56], immediate risks arise from commercially available EAI systems, including AI-controlled quadrupeds and autonomous driving assistants.
4. Malicious Actors & Misuse
Real-world risks (Risks of misuse of dual-use items and technologies)
Due to improper use or abuse, AI can pose serious risks to national security, economic security, and public health security, such as greatly reducing the capability requirements for non-experts to design, synthesize, acquire, and use nuclear, biological, and chemical weapons and missiles; and designing cyber weapons that launch network attacks on a wide range of potential targets through methods like automatic vulnerability discovery and exploitation.
4. Malicious Actors & Misuse
Real-world risks (Risks of using AI in illegal and criminal activities)
AI can be used in traditional illegal or criminal activities related to terrorism, violence, gambling, and drugs, such as teaching criminal techniques, concealing illicit acts, and creating tools for illegal and criminal activities.
4. Malicious Actors & Misuse
Resistance to Misuse
Preventing misuse by malicious attackers seeking to do harm
4. Malicious Actors & Misuse
Risk area 4: Malicious Uses
These risks arise from humans intentionally using the LM to cause harm, for example via targeted disinformation campaigns, fraud, or malware. Malicious use risks are expected to proliferate as LMs become more widely accessible
4. Malicious Actors & Misuse
Scams
Bad actors can also use generative AI tools to produce adaptable content designed to support a campaign, political agenda, or hateful position and spread that information quickly and inexpensively across many platforms. This rapid spread of false or misleading content—AI-facilitated disinformation—can also create a cyclical effect for generative AI: when a high volume of disinformation is pumped into the digital ecosystem and more generative systems are trained on that information via reinforcement learning methods, for example, false or misleading inputs can create increasingly incorrect outputs.
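The cyclical effect described above can be sketched with a toy feedback model (all rates are invented for illustration): each generation's training pool mixes fresh content with the previous model's slightly less accurate outputs, so pool accuracy drifts downward toward a lower fixed point.

```python
# Toy feedback model (all rates invented) of disinformation re-entering
# training data: each generation trains partly on the previous model's
# output, which is slightly less accurate than what it was trained on.
fresh_accuracy = 0.95    # accuracy of newly authored human content
pollution_rate = 0.30    # share of the pool that is model-generated
error_rate = 0.10        # relative errors a model adds to its training data

pool_accuracy = fresh_accuracy
for generation in range(1, 6):
    model_accuracy = pool_accuracy * (1 - error_rate)
    pool_accuracy = ((1 - pollution_rate) * fresh_accuracy
                     + pollution_rate * model_accuracy)
    print(f"generation {generation}: pool accuracy = {pool_accuracy:.3f}")
```

Under these made-up rates the pool degrades from 0.95 toward roughly 0.91 and stays there; with higher pollution or error rates the decline compounds further, which is the "increasingly incorrect outputs" dynamic the entry describes.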
4. Malicious Actors & Misuse
Security
Though chatbots cannot (yet) develop their own novel malware from scratch, hackers could soon potentially use the coding abilities of large language models like ChatGPT to create malware that can then be minutely adjusted for maximum reach and effect, essentially allowing more novice hackers to become a serious security risk
4. Malicious Actors & Misuse
Security
Implications of the weaponization of AI for defence (the embeddedness of AI-based capabilities across the land, air, naval and space domains may affect combined arms operations).
4. Malicious Actors & Misuse
Security & Defense
AI could enable more serious incidents to occur by lowering the cost of devising cyber-attacks and enabling more targeted incidents. The same programming error or hacker attack could be replicated on numerous machines. Or one machine could repeat the same erroneous activity several times, leading to an unforeseen accumulation of losses.
4. Malicious Actors & Misuse
Security threats
Facilitating the conduct of cyber attacks, weapon development, and security breaches
4. Malicious Actors & Misuse
Sexualization
The non-consensual sexualisation of an individual or group using a technology or application
4. Malicious Actors & Misuse
Social-Engineering
Psychologically manipulating victims into performing the desired actions for malicious purposes
4. Malicious Actors & Misuse
Society Manipulation
Manipulation of social dynamics
4. Malicious Actors & Misuse
Socio-technical and Infrastructural
Lastly, broader harms that can impact communities, societal structures, and critical infrastructures, including threats to democratic processes, social cohesion, and technological systems, are captured under “Societal, Socio-technical, and Infrastructural Damage.”
4. Malicious Actors & Misuse
Sockpuppeting
Create synthetic online personas or accounts
4. Malicious Actors & Misuse
Spreading disinformation
Generative AI models might be used to intentionally create misleading or false information to deceive or influence a targeted audience.
4. Malicious Actors & Misuse
Spreading toxicity
Generative AI models might be used intentionally to generate hateful, abusive, and profane (HAP) or obscene content.
4. Malicious Actors & Misuse
Surveillance and Censorship
Content moderation has emerged as one of the key use-cases of LLMs (Weng et al., 2023), indicating the potential of LLMs for surveillance and censorship as well (Edwards, 2023). Surveillance and censorship are among the primary tools employed by governments with dictatorial tendencies to suppress opposing political and social voices. These censorship measures, however, are often quite crude and can be escaped with little ingenuity... However, LLMs could enable significantly more sophisticated surveillance and censorship operations at scale (Feldstein, 2019). Multimodal LLMs or LLMs combined with speech-to-text technologies could be used for surveilling and censoring other forms of communication as well, e.g. phone calls and video messages (Whittaker, 2019). This may collectively contribute towards the worsening of personal liberties and the heightening of state oppression across the world. Examples have been documented already, for instance in calling for violence and silencing of political dissidents (Aziz, 2020), and suppression of Palestinian social media accounts (Zahzah, 2021).
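The dual-use point is visible in how little scaffolding an automated moderation loop requires; the same loop could be pointed at any classification criterion. A sketch assuming the openai Python package, an API key in the environment, and invented example posts (the moderation model name reflects OpenAI's published endpoint at the time of writing):

```python
# Sketch of an automated moderation loop of the kind described above.
# The scaffolding is criterion-agnostic, which is the dual-use concern.
# Posts are invented; assumes the openai package and an OPENAI_API_KEY.
from openai import OpenAI

client = OpenAI()
posts = ["Example post one.", "Example post two."]  # hypothetical content

for post in posts:
    result = client.moderations.create(
        model="omni-moderation-latest",  # OpenAI's hosted moderation model
        input=post,
    )
    flagged = result.results[0].flagged
    print(f"{'FLAG' if flagged else 'pass'}: {post}")
```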
4. Malicious Actors & Misuse
Surveillance capabilities
AI models and systems may grant governments or corporations increased monitoring over individuals.
4. Malicious Actors & Misuse
Systemic large-scale manipulation
AI systems embedded with systemic biases can manipulate large population segments, particularly when these biases align with the beliefs or behaviors of the targeted group. When weaponized at scale, this manipulation can exacerbate social divisions or cause large-scale disruptions, such as city-wide blackouts (e.g., by the manipulation of power consumption into the peak demand period [159]).
4. Malicious Actors & Misuse
Targeting & Personalisation
Refine outputs to target individuals with tailored attacks
4. Malicious Actors & Misuse
Technology-facilitated violence
Technology-facilitated violence occurs when algorithmic features enable use of a system for harassment and violence [2, 16, 44, 80, 108], including creation of non-consensual sexual imagery in generative AI... other facets of technology-facilitated violence include doxxing [79], trolling [14], cyberstalking [14], cyberbullying [14, 98, 204], monitoring and control [44], and online harassment and intimidation [98, 192, 199, 226], under the broader banner of online toxicity.
4. Malicious Actors & Misuse
Terrorist access
Powerful AI technologies may fall into the hands of terrorists.
4. Malicious Actors & Misuse
Threats to human institutions and life
This group comprises 11% of the articles and centers on risks stemming from AI systems designed with malicious intent or that can end up threatening human life. It can be divided into two key themes: threats to law and democracy, and transhumanism.
4. Malicious Actors & Misuse
Type 5: Criminal weaponization
One or more criminal entities could create AI to intentionally inflict harms, such as for terrorism or combating law enforcement.
4. Malicious Actors & Misuse
Type 6: State Weaponization
AI deployed by states in war, civil war, or law enforcement can easily yield societal-scale harm
4. Malicious Actors & Misuse
Unauthorized manipulation of AI
AI machines could be hacked and misused, e.g. manipulating an airport luggage screening system to smuggle weapons
4. Malicious Actors & Misuse
Unhelpful Uses
Improper uses of LLM systems can cause adverse social impacts.
4. Malicious Actors & Misuse
Unleashing AI Agents
People could build AIs that pursue dangerous goals.
4. Malicious Actors & Misuse
Violation of personal integrity
Non-consensual use of one’s personal identity or likeness for unauthorised purposes (e.g. commercial purposes)
4. Malicious Actors & Misuse
Violence/armed conflict
Use or misuse of a technology system to incite, facilitate or conduct cyberattacks, security breaches, or lethal, biological and chemical weapons development, resulting in violence and armed conflict.
4. Malicious Actors & Misuse
Warfare
The dangers of AI amplifying the effectiveness/failures of nuclear, chemical, biological, and radiological weapons.
4. Malicious Actors & Misuse
Warfare and Physical Harm
The use of AI in warfare is highly alarming and may pose dangers to human safety (Hendrycks et al., 2023). Autonomous drone warfare is being aggressively pursued as a tactic in the current war in Ukraine (Meaker, 2023), and may already have been used on human targets (Hambling, 2023). The use of AI-based facial recognition has been documented in the targeting of Palestinians in Gaza (International, 2023). LLMs have already been productized in limited ways for the purposes of warfare planning (Tarantola, 2023). Furthermore, active research is being carried out to develop multimodal LLMs that can act as ‘brains’ for general-purpose robots (Ahn et al., 2022; 2024). Due to the ‘general-purpose’ nature of such advances, it will likely be cost-effective and practical to adapt them for creating more advanced autonomous weapons.
4. Malicious Actors & Misuse
Weaponised misinformation agents
Finally, AI assistants themselves could become weaponised by malicious actors to sow misinformation and manipulate public opinion at scale. Studies show that spreaders of disinformation tend to privilege quantity over quality of messaging, flooding online spaces repeatedly with misleading content to sow ‘seeds of doubt’ (Hassoun et al., 2023). Research on the ‘continued influence effect’ also shows that repeatedly being exposed to false information is more likely to influence someone’s thoughts than a single exposure. Studies show, for example, that repeated exposure to false information makes people more likely to believe it by increasing perceived social consensus, and it makes people more resistant to changing their minds even after being given a correction (for a review of these effects, see Lewandowsky et al., 2012; Ecker et al., 2022). By leveraging the frequent and personalised nature of repeated interactions with an AI assistant, malicious actors could therefore gradually nudge voters towards a particular viewpoint or set of beliefs over time (see Chapters 8 and 9). Propagandists could also use AI assistants to make their disinformation campaigns more personalised and effective. There is growing evidence that AI-generated outputs are as persuasive as human arguments and have the potential to change people’s minds on hot-button issues (Bai et al., 2023; Myers, 2023). Recent research by the Center for Countering Digital Hate showed that LLMs could be successfully prompted to generate ‘persuasive misinformation’ in 78 out of 100 test cases, including content denying climate change (see Chapters 9 and 18). If compromised by malicious actors, in the future, highly capable and autonomous AI assistants could therefore be programmed to run astroturfing campaigns autonomously, to tailor misinformation content to users in a hyperprecise way by preying on their emotions and vulnerabilities, or to accelerate lobbying activities (Kreps and Kriner, 2023). As a result, people may be misled into believing that content produced by weaponised AI assistants came from genuine or authoritative sources. Covert influence operations of this kind may also be harder to detect than traditional disinformation campaigns, as virtual assistants primarily interact with users on a one-to-one basis and continuously generate new content (Goldstein et al., 2023).
4. Malicious Actors & Misuse
Weaponization
Weaponizing AI may be an on-ramp to more dangerous outcomes. In recent years, deep RL algorithms have outperformed humans at aerial combat [18], AlphaFold has discovered new chemical weapons [66], researchers have been developing AI systems for automated cyberattacks [11, 14], and military leaders have discussed giving AI systems decisive control over nuclear silos.
4. Malicious Actors & Misuse
Weaponization capabilities
AI capabilities that could be deliberately weaponized for destructive purposes.
4. Malicious Actors & Misuse
Weapons acquisition
These assessments seek to determine if an LLM can gain unauthorized access to current weapon systems or contribute to the design and development of new weapons technologies.
4. Malicious Actors & Misuse
Widespread use of persuasion tools
Widespread use of AI-powered persuasion tools could lead to systemic harm
4. Malicious Actors & Misuse
Writing - Research
Partly overlapping with the discussion on impacts of generative AI on educational institutions, this topic cluster concerns mostly negative effects of LLMs on writing skills and research manuscript composition. The former pertains to the potential homogenization of writing styles, the erosion of semantic capital, or the stifling of individual expression. The latter is focused on the idea of prohibiting generative models from being used to compose scientific papers or figures, or from being listed as co-authors. Sources express concern about risks for academic integrity, as well as the prospect of polluting the scientific literature with a flood of LLM-generated low-quality manuscripts. As a consequence, there are frequent calls for the development of detectors capable of identifying synthetic texts.