Beijing Forbidden City
Image: Markus Winkler via Unsplash+/Photomosh

Chinese hackers are using AI to inflame social tensions in US, Microsoft says

Beijing-linked influence operations have begun to use generative artificial intelligence to amplify controversial domestic issues in places like the U.S. and Taiwan, according to new research.

The campaigns mainly used the technology to create visual content designed to spark conflict ahead of elections, a report published by Microsoft on Thursday found. 

AI-generated audio clips featuring a prominent Taiwanese presidential candidate, for example, were posted across social media in an attempt to sway voters to the candidate preferred by Beijing. Although YouTube quickly removed the content before it could reach large numbers of users, the posts illustrated the ability of governments to spin up fake content about practically anything.

“This was the first time that Microsoft Threat Intelligence has witnessed a nation state actor using AI content in attempts to influence a foreign election,” the researchers said. 

The same Chinese group has also created a slate of new content featuring AI-generated news anchors and used other AI-created videos to harass Canadian politicians last year. 

The fake content is promoted through a network of 175 websites in more than 58 languages and often covers high-profile geopolitical events — especially ones that paint the United States in a negative light. 

Some examples include outlandish claims that a U.S. government weapon caused the Hawaii wildfires and others implicating Japan in a scheme to dispose of nuclear wastewater in the Pacific Ocean. Another campaign sought to promote conspiracy theories around a train derailment in Kentucky over Thanksgiving.  

Microsoft also found multiple Chinese Communist Party affiliated social media accounts impersonating U.S. voters and responding to news stories attempting to cause dissension.

The “sockpuppet” accounts posted AI-made videos, members and infographics promoting issues like American drug use, immigration and racial tension. 

“China is using fake social media accounts to poll U.S. voters on what divides them most to sow division and possibly influence the outcome of the U.S. Presidential election in its favor,” said Clint Watts, general manager of Microsoft’s Threat Analysis Center (MTAC). “There is little evidence these efforts have been successful in swaying opinion.”

Watts warned that with major elections in India, South Korea and the U.S. this year, it is likely that China “will at a minimum create and amplify AI-generated content to benefit its interests.”

The country’s experimentation with AI-created memes, videos and audio will continue and “may prove more effective down the line,” he added. 

Google has released similar warnings about China’s increasing reliance on AI-generated content in their disinformation operations targeting the U.S.

North Korea's AI efforts

In addition to China’s attempts to use generative AI and large language models, North Korean actors were seen using the tools to improve their attacks on a variety of targets. 

Microsoft said most of North Korea’s targeting continues to focus on cryptocurrency firms and conducting software supply chain attacks in an effort to generate revenue for their weapons program. 

“Our report catalogs multiple instances of cryptocurrency heists, spear-phishing and software supply chain attacks and efforts to undermine the trilateral alliance between the U.S., Japan and South Korea,” Watts noted. 

“Notably, Microsoft and OpenAI have observed the North Korean actor we call Emerald Sleet using tools powered by AI large-language models (LLMs) to make their operations more effective and efficient. Microsoft partnered with OpenAI to disable accounts and assets associated with Emerald Sleet.”

Emerald Sleet allegedly used LLMs to research vulnerabilities, conduct reconnaissance on organizations and experts focused on North Korea, troubleshoot technical issues, conduct basic scripting tasks, and draft content for spear-phishing messages.

Microsoft faced significant backlash recently after a Department of Homeland Security report highlighted grave missteps the tech giant made in dealing with a Chinese cyberattack that gave the country access to the email accounts of senior U.S. leaders including U.S. Commerce Secretary Gina Raimondo and Congressman Don Bacon.

Nearly a year into the fiasco, Microsoft still does not know how Chinese hackers broke into their systems and gained access to the email accounts.

Get more insights with the
Recorded Future
Intelligence Cloud.
Learn more.
No previous article
No new articles
Jonathan Greig

Jonathan Greig

is a Breaking News Reporter at Recorded Future News. Jonathan has worked across the globe as a journalist since 2014. Before moving back to New York City, he worked for news outlets in South Africa, Jordan and Cambodia. He previously covered cybersecurity at ZDNet and TechRepublic.