
The information displayed in the AIM should not be reported as representing the official views of the OECD or of its member countries.
HKCERT handled 7,752 security incidents in 2023, with phishing rising 27% to nearly half of cases. Malicious actors increasingly use AI-based tools like WormGPT to generate malware, code and deepfake videos for phishing. HKCERT forecasts five 2024 risks, urging updated backups, vulnerability management and deepfake detection.[AI generated]
Why's our monitor labelling this an incident or hazard?
The article describes a current situation where AI is already being used by hackers to conduct phishing and cyberattacks, which are causing harm to individuals and organizations (harm to property, communities, and potentially financial harm). The use of AI tools like WormGPT and Deepfake for malicious purposes is explicitly mentioned as contributing to these attacks. Therefore, this qualifies as an AI Incident because the AI system's use has directly or indirectly led to realized harms through cybercrime. Additionally, the article discusses plausible future harms from AI weaponization in cyberattacks, but since harm is already occurring, the classification prioritizes AI Incident over AI Hazard.[AI generated]