Sensitive data was exfiltrated by Incalmo in a simulation conducted by Carnegie Mellon and Anthropic researchers.
Autonomous cyber-attacks have been facilitated by the new Incalmo attack toolkit, which was developed using large language models.
Intended to mimic the 2017 Equifax hack - that affected almost 147 million U.S. customers' information - Cybersecurity Dive reports.
Sensitive data was exfiltrated by Incalmo in a simulation conducted by Carnegie Mellon and Anthropic researchers, who noted LLM usage for high-level attack strategy and both LLM and non-LLM agents for exploit deployment and other less demanding tasks
"Currently, a lot of cybersecurity defenses rely on human operators and I am not sure how well that will scale up to machine-timescale defences. For this reason, we are currently exploring research into defences for autonomous attacks and LLM-based autonomous defenders," said lead researcher Brian Singer.
Written by
Dan Raywood is a B2B journalist with 25 years of experience, including covering cybersecurity for the past 17 years. He has extensively covered topics from Advanced Persistent Threats and nation-state hackers to major data breaches and regulatory changes.
He has spoken at events including 44CON, Infosecurity Europe, RANT Forum, BSides Scotland, Steelcon and the National Cyber Security Show, and served as editor of SC Media UK, Infosecurity Magazine and IT Security Guru. He was also an analyst with 451 Research and a product marketing lead at Tenable.
