Dragos Warns AI Models Used in Critical Infrastructure Attack
WASHINGTON — Industrial cybersecurity firm Dragos recently warned that threat actors used large language models from OpenAI and Anthropic in a cyberattack targeting critical infrastructure, according to a report published by Infosecurity Magazine.
The warning from Dragos, a U.S.-based industrial control system security company, highlights what experts say is an emerging threat vector in which commercially available AI tools are being weaponized against operational technology environments, including systems that manage power grids, water treatment facilities and manufacturing operations.
The disclosure adds to documented instances of generative AI misuse for offensive cyber operations. While AI labs including OpenAI and Anthropic have published usage policies prohibiting the use of their models for cyberattacks, security researchers have repeatedly demonstrated that determined adversaries can circumvent safety guardrails.
Dragos, which specializes in monitoring and defending industrial control systems and SCADA networks, focuses on threats to operational technology. The company’s client base spans energy, manufacturing, water and other critical infrastructure sectors across the United States.
The warning comes amid increased regulatory attention on AI-enabled threats to critical infrastructure. Federal agencies including the Cybersecurity and Infrastructure Security Agency have focused on such threats, and a 2023 executive order on AI safety specifically addressed the intersection of AI capabilities and national security.
Both OpenAI, based in San Francisco, and Anthropic, also headquartered in San Francisco, have invested in safety research and publish regular transparency reports on attempts to misuse their platforms. OpenAI has previously disclosed disrupting state-affiliated threat actors attempting to use its models for reconnaissance and social engineering campaigns.
Security researchers and policymakers have raised concerns that as AI models become more capable, they could lower the barrier to entry for attacks on industrial systems that were previously associated with sophisticated nation-state actors.
Neither OpenAI nor Anthropic immediately responded to requests for comment on the Dragos findings, according to the Infosecurity Magazine report.
The disclosure comes as members of Congress and federal regulators continue to examine questions of AI oversight, particularly regarding the potential use of frontier models in attacks on systems deemed vital to national security.
