Bot that helps hackers write code

 The Copilot service developed by Microsoft and GitHub specialists, designed to simplify the work of programmers, can be used by hackers to create malicious software

Copilot, created by GitHub based on artificial intelligence, acts like keyboards on mobile devices.

GitHub introduced this service at the end of June, and its development required the help of OpenAI. Copilot is expected to make life easier for developers.

So, during the development of the service, specialists trained it on billions of lines of code. And now, when a developer writes code, GitHub Copilot gives suggestions that can be used for more productive coding.

Russian cybersecurity experts believe that innovation of GitHub may be useful not only for software developers, but also for cybercriminals.

According to experts, the new program may make it easier for hackers to write code, and they will be able to do it faster. Consequently, the number of authors of such code may increase.

Denis Legezo, a senior cybersecurity expert with Kaspersky Lab, noted that any technology, including Copilot, cannot be good or bad in itself. It is important for what purposes a person uses it. The expert did not rule out that the new program, as a convenient and accessible development tool, can also be used by cybercriminals.

The GIS expert Nikolay Nashivochnikov told about the danger of using a new bot for programmers by hackers.

"As we can see, new services simplify the life of not only white hat hackers, but also black hat. If the hackers manage to introduce a dangerous design into the Copilot system, and it starts offering developers to insert this vulnerability into their code, as a result, we can get a more widespread vulnerability," said Mr. Nashivochnikov.

Experts also talk about the possibility of banal theft of someone else's code. In about 0.1% of cases, the code will be literally taken from the training sample. In the remaining 99.9% of cases, the service uses a training sample as a basis for synthesizing something new.




Comments