OpenAI and Anthropic LLMs Used in Critical Infrastructure Cyber-Attack, Warns Dragos

A recent cyber-attack on a water and drainage facility's operational technology infrastructure leveraged large language models (LLMs) from OpenAI and Anthropic to plan and execute the assault. The attackers utilized these commercial AI models to inform their tactics, highlighting the dual-use potential of LLMs in both enhancing and compromising critical infrastructure security. This incident underscores the expanding risk surface associated with LLM developments, which can be exploited by malicious actors to launch more sophisticated attacks¹. The use of OpenAI and Anthropic LLMs in this context demonstrates the evolving threat landscape, where attackers are adapting and leveraging emerging technologies to target vulnerable systems. As LLMs continue to advance, their security implications will likely outpace the hype surrounding their capabilities. This attack serves as a warning to critical infrastructure operators to reevaluate their security posture in light of these emerging threats, so what matters most to practitioners is reassessing their defenses against the increasingly complex attacks enabled by LLMs.