Malicious LLMs: A Practical Guide

Understanding the Threat Vectors:
Malicious LLMs (MaLLMs) like FraudGPT and WormGPT are reported to be capable of writing malicious code, creating ‘undetectable malware’, generating phishing pages, crafting hacking tools, identifying vulnerable targets, and more. While their malware-writing capacity has been much exaggerated, MaLLMs do pose tangible risks to organisations, albeit through known threat vectors. Organisations should therefore have mechanisms in place to detect, contain, and recover from MaLLM threats.
Now, let's delve into the heart of the matter by mapping these threat vectors to the MITRE ATT&CK framework.

Mapping Threat Vectors to MITRE ATT&CK:
While the growing arsenal of MaLLMs available to threat actors raises concerns, you'll find reassurance in knowing that your security program is well-equipped to detect and defend against many of these LLM threat vectors. In this section, you are presented with a comprehensive matrix designed to cover the following:
- Understanding Malicious LLM Threats: Highlight specific threat vectors, such as 'Crafting Spear Phishing Email'.
- Mapping to MITRE ATT&CK: Show how these threats align with the MITRE ATT&CK framework for better recognition and categorization.
- Highlight MITRE Tactics: Delve into the tactics involved, like 'Initial Access', to provide a comprehensive view of the MaLLM threat landscape.
- Understanding Downstream Risks: Explore the downstream potential losses associated with each threat vector.
- Effective Mitigating Controls: Cover potential mitigating controls.

The Impact of Known Attack Vectors
While it's true that malicious LLMs do not presently provide threat actors with entirely new attack vectors, they are increasing the potential quality and volume of threats. This, in turn, could result in costly impacts on organisations globally. To illustrate this point, let's review some relevant data from the 2023 IBM Ponemon: Cost of a Data Breach report, which highlights the significant financial repercussions of known initial attack vectors.

Conclusion
In summary, keeping pace with Malicious LLMs is no small task. However, this pragmatic approach to mapping threat vectors to mitigating controls through MITRE ATT&CK can significantly reduce susceptibility to MaLLM-driven attacks.
Consider these key takeaways:
- MaLLMs amplify known threat vectors, warranting vigilant defence.
- Your security program likely has the tools to detect and mitigate these threats.
- Regularly assess your defences, verify mitigating controls, and adapt to evolving risks.
