Lowering the Bar(d)? Check Point Research’s security analysis spurs concerns over Google Bard’s limitations
Highlights:
- Check Point Research (CPR) releases an analysis of Google’s generative AI platform ‘Bard’, surfacing several scenarios where the platform permits cybercriminals’ malicious efforts
- Check Point Researchers were able to generate phishing emails, malware keyloggers and basic ransomware code
- CPR will continue monitoring this worrying trend and developments in this area, and will further report
Background – The rise of intelligent machines
The revolution of generative AI has sparked a paradigm shift in the field of artificial intelligence, enabling machines to create and generate content with remarkable sophistication. Generative AI refers to the subset of AI models and algorithms that possess the ability to autonomously generate text, images, music, and even videos that mimic human creations. This groundbreaking technology has unlocked a multitude of creative possibilities, from assisting artists and designers to enhancing productivity in various industries.
However, the proliferation of generative AI has also raised significant concerns and ethical considerations. One of the primary concerns revolves around the potential misuse of this technology for malicious purposes, such as cybercrime.
In previous reports, Check Point Research has extensively reported on how cybercriminals have started exploiting the revolutionary technology for malicious use, more specifically- creating malicious code and content over OpenAIs generative AI platform, ChatGPT.
In this report, our researchers turned to Google’s generative AI platform “Bard”. Based on previous LaMDA technology, Google described Bard as “An experiment based on this same technology that lets you collaborate with generative AI. As a creative and helpful collaborator, Bard can supercharge your imagination, boost your productivity, and help you bring your ideas to life—whether you want help planning the perfect birthday party and drafting the invitation, creating a pro & con list for a big decision, or understanding really complex topics simply.”
Motivation
On that notion, and following previous analysis, our researchers analyzed the platform with 2 main goals:
- To check if it is possible to use this platform for malicious purposes (e.g. creation of phishing email / malware/ ransomware)
- Comparing Google Bard to ChatGPT in perspective of creation of malicious content.
Our analysis spurred some concerns which we now present in this report.
What was CPR able to create using Google Bard?
- Phishing emails
- Malware keylogger (surveillance tool used to monitor and record each keystroke on a specific computer)
- Basic ransomware code
ChatGPT Vs Google Bard – what did we find?
An optimistic beginning with much less optimistic conclusion:
Initially we tried the most straightforward request for creation of a phishing email –a request which was was rejected by both ChatGPT and Bard.
Next, we tried again, but this time asking for a specific example of such phishing email, to which ChatGPT rejected our request while Bard provided a well written phishing email impersonating a specific financial service.
Our next request was for an authentic piece of malware code, with a straightforward request, resulting in both models rejecting our request.
On our 2nd attempt, we provided some justification for this request, but both platforms still did not play along.
We can also note the different outputs by these model, specifically a full detailed explanation by ChatGPT, while Bard’s answers are short and general.
Next, we tried asking for a general purpose keylogger code – here we can see the difference as ChatGPT is more restrictive and identified our request as potentially malicious, while Bard simply provided us with the code.
Finally, we asked the same request for a keylogger in a more specific way, so it will record “My” keystrokes. As a result, both models provided us with a different code for the same purpose, although ChatGPT did add a sort of disclaimer about potentially using it for malicious purpose.
Ransomware code on demand via Bard
Our first request was straightforward and without any specific details:
Bard did not play along and did not provide us with the script we asked for.
We tried a different approach by first asking it to describe the most common actions performed by a Ransomware and this played out well:
Next we asked Bard to create such a code with a simple copy-paste, but again we did not get the script we requested.
So we tried again, this time making our request a bit more specific, however based on the minimal actions we asked, it is pretty clear what the purpose of this script was, and Bard started to play along and provided us with the requested ransomware script:
From that point, we can modify the script with Google Bard’s assistance and get it to do pretty much everything we want.
After modifying it a bit with Bard’s help and adding some additional functionalities and exception handling, we actually got a working script:
Conclusion
Our observations regarding Bard are as follows:
- Bard’s anti-abuse restrictors in the realm of cybersecurity are significantly lower compared to those of ChatGPT. Consequently, it is much easier to generate malicious content using Bard’s capabilities.
- Bard imposes almost no restrictions on the creation of phishing emails, leaving room for potential misuse and exploitation of this technology.
- With minimal manipulations, Bard can be utilized to develop malware keyloggers, which poses a security concern.
- Our experimentation revealed that it is possible to create basic ransomware using Bard’s capabilities.
Overall, it appears that Google’s Bard has yet to fully learn from the lessons of implementing anti-abuse restrictions in cyber areas that were evident in ChatGPT. The existing restrictions in Bard are relatively basic, similar to what we observed in ChatGPT during its initial launch phase several months ago leaving us to still hope that these are the stepping stones on a long path, and that the platform will embrace the needed limitations and security boundaries needed.