Date: 2023-08-08

The emergence of Large Language Models (LLMs) is redefining how cybersecurity teams and cybercriminals operate. LLMs are a new type of attack surface that makes certain types of attacks easier, more cost-effective, and even more persistent.

In a bid to explore security risks posed by these innovations, we attempted to hypnotize popular LLMs to determine the extent to which they were able to deliver directed, incorrect, and potentially risky responses and recommendations, including security actions, and how persuasive or persistent they were in doing so. We were able to successfully hypnotize five LLMs, prompting us to examine how likely it is that hypnosis is used to carry out malicious attacks.

We found that English has essentially become a “programming language” for malware. With LLMs, attackers no longer need to rely on other programming languages to create malicious code; they just need to understand how to effectively command and prompt an LLM using English.

Our experiment showed that it is possible to control an LLM and get it to provide bad guidance to users without data manipulation being a requirement. Through hypnosis, we were able to get LLMs to leak confidential financial information, create vulnerable code, create malicious code, and offer weak security recommendations.

These findings highlight the potential risks associated with LLMs and the ease with which threat actors can exploit this emerging attack surface. It is important for cybersecurity teams to be aware of these risks and take appropriate measures to mitigate them.

In conclusion, the use of LLMs in cyber attacks poses hidden risks that need to be addressed. As LLM technology continues to evolve, it is crucial for both security teams and organizations to stay vigilant and proactive in their defense against cyber threats.