The technology companies do not stop talking about AGIalthough there are many doubts that it is so close how they want to sell us. General artificial intelligence is one that will be capable of surpassing humans in all facets of knowledge. We don’t know if it will be able to surpass us in everything, but there is already a niche in which it is overtaking us: hacking.
The experiment. It was carried out by Stanford University researchers and we have known him through a Wall Street Journal report. What they did was develop a hacking bot called Artemis whose objective is to scan the network in search of possible bugs or vulnerabilities through which it can sneak in.
They released Artemis into the university’s own engineering network and confronted her with ten pentestersprofessional hackers who are dedicated to simulating attacks to find bugs and then correct them. The bot had a ‘kill switch’ so it could be turned off at any time if things got complicated and the human hackers had instructions to force and test, but without actually penetrating the network.
The results. To the surprise of its creators, Artemis achieved excellent results, outperforming nine of the ten human hackers. The bot managed to find bugs much faster than its competitors and, above all, at a much lower price. It is estimated that a pentester charges between $2,000 and $2,500 per day, while Artemis only “charges” $60 per hour.
Another “look”. Artemis didn’t do everything right. At least 18% of his bug reports were false positives and he also ignored a very obvious bug on a website that human hackers saw the first time. Instead, he detected a bug that no human had detected. The reason is that the failure was on a website that did not work in Chrome or Firefox, the browsers used by hackers. Artemis is not a person and does not use browsers, but instead used a program and was able to read the website, finding the bug.
AI and hacking. The Cybercriminals have been using AI for some time to make malware more effective. Recently Anthropic discovered that a Chinese hacking group was using Claude Code for a large-scale espionage campaign. What is striking is that Claude functioned as an agent who was in charge of the entire attack cycle, not just a part of the process.
AI to do good. AI is lowering the barrier to entry for developing attacks, but it can also be used for protection. Research such as that from Stanford shows that AI can also be used to test insecure systems, find bugs and thus be able to patch them. The problem that arises is where the role of professionals such as pentesters will be if AI ends up doing its job for much less money.
Image | Sora Shimazaki, Pexels
In Xataka | Agents are the great promise of AI. They also aim to become the new favorite weapon of cybercriminals
GIPHY App Key not set. Please check settings