NYU Researchers Develop AI-Powered Ransomware Prototype

An AI system (large language models) is explicitly involved in the ransomware prototype's operation. Although the ransomware is currently a proof-of-concept and has not caused actual harm, the article highlights the credible potential for such AI-powered ransomware to cause significant harm in the future, including data theft, file encryption, and destruction. Therefore, this event qualifies as an AI Hazard because it plausibly could lead to an AI Incident if weaponized and deployed maliciously. It is not an AI Incident since no harm has occurred yet, nor is it merely complementary information or unrelated.

The event involves an AI system explicitly used to generate ransomware code, demonstrating the AI's role in the development and potential use of malicious software. While the ransomware has not caused actual harm yet, the researchers acknowledge that attackers could adapt this approach, indicating a credible risk of future harm. The article also references real-world use of AI in extortion, reinforcing the plausibility of harm. Since no actual harm has occurred but the threat is credible and imminent, this fits the definition of an AI Hazard rather than an AI Incident or Complementary Information.

The event involves an AI system (large language models) used in the development and operation of ransomware malware. The malware was created and tested by researchers and discovered in VirusTotal, but it was not deployed maliciously in the wild, so no actual harm has occurred yet. However, the malware's capabilities and design demonstrate a credible risk of future harm through autonomous ransomware attacks, which could disrupt systems and cause property and community harm. This fits the definition of an AI Hazard, as the AI system's use could plausibly lead to an AI Incident. The event is not Complementary Information because it is not merely an update or governance response; it is the primary disclosure of a new AI-enabled threat. It is not an AI Incident because no realized harm has been reported from this malware's use in the wild.

The event involves the use of AI systems (autonomous ransomware powered by AI models) in the execution of ransomware attacks, which have directly led to realized harms including data theft, operational disruption, and reputational damage. The AI's role is pivotal in automating and scaling these attacks, lowering the barrier for criminals and increasing the frequency and impact of incidents. Therefore, this qualifies as an AI Incident under the framework, as the AI system's use has directly led to significant harms.

The ransomware uses an AI system to dynamically generate malicious scripts, which directly leads to harm by encrypting or locking users' data, a form of harm to property and potentially to individuals or organizations. This constitutes an AI Incident because the AI system's use in the ransomware directly causes harm through cybercrime.