Exploring the real-world misuse of generative AI by threat actors

This white paper explores the misuse of generative AI by government-backed threat actors and information operations groups. Key findings include:

• Threat actors use AI for research, troubleshooting, and content generation rather than developing novel capabilities
• Iranian APT actors were the heaviest users of Gemini, followed by Chinese and North Korean groups
• Russian APT actors showed limited use of Gemini
• Information operations actors used AI for research, content creation, and translation
• Google's security measures restricted malicious content generation

The report details use cases and Google's approach to AI safety, highlighting the need for industry-wide security standards.