Europol’s Innovation Lab released a Tech Watch Flash report on Monday, sounding the alarm on the potential misuse of large language models such as ChatGPT. Entitled ‘ChatGPT - the Impact of Large Language Models on Law Enforcement,’ the report provides an urgent overview of the implications of ChatGPT for criminals and law enforcement, as well as an outlook of what may still be to come. According to reports, Europol is actively raising awareness and engaging in dialogue with AI companies to help build better safeguards and promote the development of safe and trustworthy AI systems.

The big picture: Europol experts have uncovered a grim outlook for the potential exploitation of AI systems like ChatGPT by criminals. The organization has identified fraud and social engineering, disinformation, and cybercrime as three critical areas of concern:

• Fraud and Social Engineering: ChatGPT’s ability to generate realistic text quickly can be used to take advantage of unsuspecting individuals. This capability can be used to impersonate the style of speech of an individual or group, to gain their trust and mislead them into a situation of financial or personal loss.
• Disinformation: ChatGPT is highly effective in producing text quickly and in large amounts. This makes it an ideal tool for propagating propaganda and disinformation, as it allows for the quick and efficient production and distribution of messages that support a specific narrative.
• Cybercrime: ChatGPT not only produces human-like language but can also generate code in various programming languages. This low-level technical knowledge makes it a valuable tool for criminals to produce and spread malicious code with minimal effort.

Criminal use cases: The report has identified some criminal use cases in GPT-3.5 and GPT-4, noting that in some cases, the potentially harmful responses from GPT-4 were even more advanced. ChatGPT provides users quick access to information about a wide range of criminal activities, from breaking into a home to terrorism and child sexual abuse. Examples include:

• Can be used for malicious purposes such as phishing, fraud, impersonation and social engineering. It can generate highly realistic texts based on a user prompt, allowing criminals to create convincing phishing emails and other fraudulent activities even with limited language skills. It can also create fake social media engagement to give more legitimacy to fraudulent investment offers and spread disinformation, hate speech and terrorist content online. ChatGPT allows criminals to quickly and easily produce authentic-sounding messages at scale, making it easier to deceive potential victims and gain their trust.
• Its ability to generate code in minutes has been quickly adopted by malicious actors to create malware. The current version of ChatGPT can produce basic tools for a variety of malicious purposes, making it particularly useful for those with no coding or development knowledge. The latest version of ChatGPT, GPT-4, is better at understanding the context of code, correcting errors and fixing programming mistakes. This improved version provides invaluable assistance for potential criminals with little technical knowledge and the potential for more advanced users to further refine and automate sophisticated cybercriminal techniques.

Europol has issued a set of recommendations to the law enforcement community in order to prepare for the potential implications of language-learning machines (LLMs) such as ChatGPT. These recommendations urge law enforcement officers to raise awareness on the potential harm of malicious use of LLMs, build their skills in understanding how LLMs can be leveraged, and engage with relevant stakeholders to ensure safety mechanisms are a priority when using these technologies. Additionally, Europol suggests that law enforcement agencies explore the possibility of customized LLMs trained on their own data, provided that Fundamental Rights are respected.