The recent revelation that Iranian hackers used ChatGPT to plan attacks on Industrial Control Systems (ICS) has sent shockwaves across the cybersecurity landscape. According to OpenAI, these hackers exploited ChatGPT’s capabilities to map out strategies for disrupting critical infrastructure. This incident underscores the increasing sophistication of cyberattacks, leveraging AI tools to enhance the capabilities of malicious actors. For investors concerned about cyber risks, especially in sectors tied to ICS, this is a warning sign that requires close attention when evaluating both existing and prospective investments.
What Investors Should Consider
Targeted Critical Infrastructure Risks: Hackers focusing on Industrial Control Systems pose a significant threat to critical industries such as energy, manufacturing, and utilities. Investors with stakes in these sectors must ensure that the companies they back are equipped to handle cyberattacks aimed at disrupting core operations. This is particularly true for portfolio companies that rely on connected systems, where AI-driven threats are emerging.
AI Tools Used by Hackers: The exploitation of AI tools like ChatGPT demonstrates that attackers are evolving their strategies. Rather than being limited by their own knowledge, they can now use AI to assist in attack planning. This heightens the urgency for businesses to not only defend against traditional cyber threats but also anticipate new AI-assisted tactics. When assessing a company’s cyber posture, investors should enquire about the measures in place to counter AI-driven attacks.
Operational Continuity and Resilience: Cyberattacks on critical infrastructure could cause operational disruptions with significant financial implications. Investors should ensure that their portfolio companies have robust incident response plans, especially those in high-risk industries like energy or manufacturing. Companies that fail to prepare for attacks targeting ICS may face massive operational, financial, and reputational damage, undermining long-term value.
“The fact that hackers are now using AI tools like ChatGPT to target Industrial Control Systems is a game-changer. It shows how adversaries are evolving their tactics, and for investors, this should be a wake-up call. At NorthCap Cyber, we work closely with investment houses to ensure their portfolio companies are equipped to counter these sophisticated, AI-enabled threats. The key is proactive cyber due diligence—identifying these risks early and ensuring operational resilience in the face of evolving cyber tactics.”
Samuel Brown, Managing Partner, NorthCap Cyber
What Investors Should Do:
Conduct Cyber Due Diligence: Investors should conduct thorough cybersecurity due diligence on both current portfolio companies and potential acquisitions. This process should include assessments of how well-prepared these companies are to defend against AI-driven threats like the ones posed to ICS.
Evaluate the Maturity of Incident Response Plans: Portfolio companies should have robust, well-practiced incident response plans that are capable of handling a wide array of cyber incidents, including AI-enhanced attacks.
Stay Ahead of Emerging Threats: Given the pace at which cyber threats are evolving, investors should push their portfolio companies to stay ahead of emerging risks by investing in advanced security technologies, staff training, and AI defenses.
In a world where AI is being weaponised by hackers, investment houses must be proactive in assessing the cyber resilience of their portfolios. With the right focus on cybersecurity, investors can safeguard their assets against both current and future threats.
In Summary
The exploitation of AI tools like ChatGPT by malicious actors demonstrates that the cybersecurity landscape is rapidly evolving. For investors, ensuring that portfolio companies are prepared to counter these AI-driven threats is essential for protecting both value and operational continuity in today’s digital age. If you have concerns or uncertainties about the cyber resilience of your current or prospective investments, reach out to the NorthCap Cyber team here to understand how we can assess, contain and remediate your portfolio risks in order to protect your investments and unlock their value.