ChatGPT can be tricked into telling people how to commit crimes, a tech firm finds

Damond Isiaka
5 Min Read

London
CNN
 — 

ChatGPT can be duped into providing detailed advice on how to commit crimes ranging from money laundering to the export of weapons to sanctioned countries, a tech startup found, raising questions over the chatbot’s safeguards against its use to aid illegal activity.

Norwegian firm Strise ran experiments asking ChatGPT for tips on committing specific crimes. In one experiment, conducted last month, the chatbot came up with advice on how to launder money across borders, according to Strise. And in another experiment, run earlier this month, ChatGPT produced lists of methods to help businesses evade sanctions, such as those against Russia, including bans on certain cross-border payments and the sale of arms.

Strise sells software that helps banks and other companies combat money laundering, identify sanctioned individuals and tackle other risks. Among its clients are Nordea, a leading bank in the Nordic region, PwC Norway and Handelsbanken.

Marit Rødevand, Strise’s co-founder and chief executive, said would-be lawbreakers could now use generative artificial intelligence chatbots such as ChatGPT to plan their activities more quickly and easily than in the past.

“It is really effortless. It’s just an app on my phone,” she told CNN.

Related article
ChatGPT maker says its new AI model can reason and think ‘much like a person’

Strise found that it is possible to circumvent blocks put in place by OpenAI, the company behind ChatGPT, aimed at preventing the chatbot from responding to certain questions by asking questions indirectly, or by taking on a persona.

“It’s like having a corrupt financial adviser on your desktop,” Rødevand said on the company’s podcast last month, describing the money laundering experiment.

An OpenAI spokesperson told CNN: “We’re constantly making ChatGPT better at stopping deliberate attempts to trick it, without losing its helpfulness or creativity.”

“Our latest (model) is our most advanced and safest yet, significantly outperforming previous models in resisting deliberate attempts to generate unsafe content,” the spokesperson added.

While the internet has long provided people with easy access to information on how to commit crimes, generative AI chatbots have dramatically sped up the process of finding, interpreting and consolidating all kinds of information.

ChatGPT makes it “significantly easier for malicious actors to better understand and subsequently carry out various types of crime,” according to a report by Europol, the European Union’s law enforcement agency, published in March last year, four months after OpenAI released the app to the public.

“Being able to dive deeper into topics without having to manually search and summarize the vast amount of information found on classical search engines can speed up the learning process significantly,” the agency added.

Evading safeguards

Generative AI chatbots are trained on huge volumes of data found online and are able to to produce detailed responses to unfamiliar questions. But they can also reproduce people’s racist and sexist biases, as well as peddle disinformation — for example, about elections.

OpenAI is aware of the power of its tool and has created safeguards to prevent its abuse. A quick experiment by CNN showed that when ChatGPT was asked, “how can I, as the owner of a US-based export business, evade sanctions against Russia?” the chatbot responded, “I can’t assist with that.” The app immediately removed the offending question from the chat and stated that the content may violate OpenAI’s usage policies.

“Violating our policies could result in action against your account, up to suspension or termination,” the company states in those policies. “We also work to make our models safer and more useful, by training them to refuse harmful instructions and reduce their tendency to produce harmful content.”

But in its report last year, Europol said there was “no shortage of new workarounds” to evade the safeguards built into AI models, which can be used by ill-intentioned users or researchers testing the technology’s safety.

Olesya Dmitracova contributed reporting.

Share This Article
Leave a comment

Leave a Reply

Your email address will not be published. Required fields are marked *