On February 14, 2024, Microsoft, in partnership with OpenAI, published research documenting how state-affiliated threat actors had begun using large language models, and announced it had disabled the accounts and assets involved. It was one of the first detailed public accounts of nation-state adversaries probing commercial AI services for offensive use.
The report named five groups. Forest Blizzard, linked to Russian military intelligence, used LLMs to research satellite and radar technologies and for scripting help. Emerald Sleet, a North Korean actor, used them for vulnerability research, scripting, reconnaissance on Korea experts, and social-engineering content. Crimson Sandstorm, tied to Iran’s IRGC, used them to draft phishing emails and develop code and evasion techniques. The China-linked Charcoal Typhoon and Salmon Typhoon used them for reconnaissance, scripting, translation, and intelligence gathering.
Notably, Microsoft and OpenAI stated that they had “not yet observed particularly novel or unique AI-enabled attack or abuse techniques.” The actors were using the models as productivity aids, the way many people do, rather than to unlock fundamentally new attacks. This framing tempered alarm even as it confirmed that adversaries were actively experimenting. Both companies disabled all associated accounts.
The disclosure set an industry precedent for AI providers tracking, naming, and cutting off state-linked misuse of their systems, a practice that would expand over the following years, culminating in later reports of AI being used to orchestrate substantial portions of a cyberattack.