ISLAMABAD, JULY15: A cyber security alert has been released by the Cabinet Division, which addresses the possible hazards and privacy issues related to AI-driven chatbots like ChatGPT.When OpenAI released ChatGPT in November 2022, it became widely used and sparked a discussion about potential security risks. The advise emphasizes how popular social networking platforms, online browsers, and cellphones have included chatbots such as ChatGPT, Bard, CoPilot, and MyAi. As a result, individuals and organizations need to exercise caution when using these chatbots.
The advise claims that a large number of businesses worldwide are integrating chatbots and APIs driven by AI into their information systems and operational procedures.Although these technologies are very beneficial, there are also cyber hazards associated with them, especially when users store discussions that may contain confidential information, private messages, or delicate business plans. Important data might be made public in the case of a breach if unauthorized access is gained to these accounts.
It was recently discovered that the ChatGPT Mac program was keeping confidential user information in plain text. Even if the problem was promptly fixed, it remains a reason for concern.According to the alert, users managing very sensitive data should refrain from utilizing ChatGPT and related chatbots. If using critical information is necessary, it should be concealed. It is encouraged that users not provide any data that could reveal sources or capabilities. It is advised to manually delete conversations or disable chat-saving capabilities in order to reduce hazards.
Furthermore, it is imperative to use malware-free, screened computers for chatbot interactions because compromised systems may result in keylogging or screenshot disclosures of confidential information.Organizations have been asked by the cabinet division to implement best practices in order to guarantee the safe use of chatbots and safeguard their data. It’s critical to stay current with emerging security and artificial intelligence trends.
Identifying weaknesses and creating mitigation strategies for AI-driven chatbots can be facilitated by performing thorough risk assessments. In order to prevent data theft, the warning also suggests utilizing distinct internet PCs free of official or private data when using chatbots.
Robust access controls and access log monitoring are critical components of the monitoring of chatbot access. It is advisable to put into practice a zero-trust security approach, which treats every user and device as a possible threat. Strong authentication procedures should be in place to support the need-to-know principle of resource access.
The recommendation states that secure communication routes, such as encrypted channels and secure APIs, should be utilized to avoid unwanted access. Workers need to be informed on the hazards involved with using chatbots carefully, so they don’t divulge private information and are wary of social engineering and hostile assaults.In order to ensure that the required precautions are taken, the Cabinet Division has directed the federal and provincial governments to distribute this information to all relevant departments and organizations.