Abstract
We argue that Large language models (LLMs) will soon alter the economics ofcyberattacks. Instead of attacking the most commonly used software andmonetizing exploits by targeting the lowest common denominator among victims,LLMs enable adversaries to launch tailored attacks on a user-by-user basis. Onthe exploitation front, instead of human attackers manually searching for onedifficult-to-identify bug in a product with millions of users, LLMs can findthousands of easy-to-identify bugs in products with thousands of users. And onthe monetization front, instead of generic ransomware that always performs thesame attack (encrypt all your data and request payment to decrypt), anLLM-driven ransomware attack could tailor the ransom demand based on theparticular content of each exploited device. We show that these two attacks (and several others) are imminently practicalusing state-of-the-art LLMs. For example, we show that without any humanintervention, an LLM finds highly sensitive personal information in the Enronemail dataset (e.g., an executive having an affair with another employee) thatcould be used for blackmail. While some of our attacks are still too expensiveto scale widely today, the incentives to implement these attacks will onlyincrease as LLMs get cheaper. Thus, we argue that LLMs create a need for newdefense-in-depth approaches.