Preparing for malicious uses of AI

OpenAI Blog Papers

Summary

OpenAI co-authors a comprehensive paper forecasting malicious uses of AI and proposing mitigation strategies, developed in collaboration with leading research institutions. The work emphasizes acknowledging AI's dual-use nature, learning from cybersecurity practices, and broadening stakeholder discussions around AI security risks.

We’ve co-authored a paper that forecasts how malicious actors could misuse AI technology, and potential ways we can prevent and mitigate these threats. This paper is the outcome of almost a year of sustained work with our colleagues at the Future of Humanity Institute, the Centre for the Study of Existential Risk, the Center for a New American Security, the Electronic Frontier Foundation, and others.
Original Article
View Cached Full Text

Cached at: 04/20/26, 02:56 PM

# Preparing for malicious uses of AI Source: [https://openai.com/index/preparing-for-malicious-uses-of-ai/](https://openai.com/index/preparing-for-malicious-uses-of-ai/) We’ve co\-authored a paper that forecasts how malicious actors could misuse AI technology, and potential ways we can prevent and mitigate these threats\. This paper is the outcome of almost a year of sustained work with our colleagues at the Future of Humanity Institute, the Centre for the Study of Existential Risk, the Center for a New American Security, the Electronic Frontier Foundation, and others\. AI challenges global security because it lowers the cost of conducting many existing attacks, creates new threats and vulnerabilities, and further complicates the attribution of specific attacks\. Given the changes to the threat landscape that AI seems to bring, the report makes some high\-level recommendations that companies, research organizations, individual practitioners, and governments can take to ensure a safer world: - **Acknowledge AI’s dual\-use nature**: AI is a technology capable of immensely positive and immensely negative applications\. We should take steps as a community to better evaluate research projects for perversion by malicious actors, and engage with policymakers to understand areas of particular sensitivity\. As we write in the paper: “Surveillance tools can be used to catch terrorists or oppress ordinary citizens\. Information content filters could be used to bury fake news or manipulate public opinion\. Governments and powerful private actors will have access to many of these AI tools and could use them for public good or harm\.” Some potential solutions to these problems include pre\-publication risk assessments for certain bits of research, selectively sharing some types of research with a significant safety or security component among a small set of trusted organizations, and exploring how to embed norms into the scientific community that are responsive to dual\-use concerns\. - **Learn from cybersecurity**: The computer security community has developed various practices that are relevant to AI researchers, which we should consider implementing in our own research\. These range from “red teaming” by intentionally trying to break or subvert systems, to investing in tech forecasting to spot threats before they arrive, to conventions around the confidential reporting of vulnerabilities discovered in AI systems, and so on\. - **Broaden the discussion**: AI is going to alter the global threat landscape, so we should involve a broader cross\-section of society in discussions\. Parties could include those involved in the civil society, national security experts, businesses, ethicists, the general public, and other researchers\. Like our work on[concrete problems in AI safety⁠](https://openai.com/index/concrete-ai-safety-problems/), we’ve grounded some of the problems motivated by the malicious use of AI in concrete scenarios, such as: persuasive ads generated by AI systems being used to target the administrator of a security systems; cybercriminals using neural networks and “fuzzing” techniques to create computer viruses with automatic exploit generation capabilities; malicious actors hacking a cleaning robot so that it delivers an explosives payload to a VIP; and rogue states using omniprescent AI\-augmented surveillance systems to pre\-emptively arrest people who fit a predictive risk profile\. We’re excited to start having this discussion with our peers, policymakers, and the general public; we’ve spent the last two years researching and solidifying our internal policies at OpenAI and are going to begin engaging a wider audience on these issues\. We’re especially keen to[work with more⁠](https://openai.com/careers/)researchers that see themselves contributing to the policy debates around AI as well as making research breakthroughs\.

Similar Articles

Disrupting malicious uses of AI

OpenAI Blog

OpenAI publishes an annual report on disrupting malicious uses of AI, detailing its efforts to prevent state-affiliated actors and other bad actors from misusing AI tools for purposes including authoritarian control, child exploitation, influence operations, and cyber attacks.

Preparing for future AI risks in biology

OpenAI Blog

OpenAI publishes a comprehensive approach to managing dual-use risks from advanced AI models in biology, outlining strategies for enabling beneficial scientific discovery while preventing misuse for bioweapons development through expert collaboration, model training, detection systems, and security controls.

Disrupting malicious uses of AI | February 2026

OpenAI Blog

OpenAI released a February 2026 threat report detailing case studies on detecting and preventing malicious uses of AI, highlighting how threat actors combine AI models with traditional tools and abuse multiple platforms and models in coordinated campaigns.

OpenAI’s approach to AI and national security

OpenAI Blog

OpenAI published its approach to AI and national security in response to the White House's National Security Memorandum on AI, outlining its framework for national security partnerships guided by democratic values, safety, and responsibility. The company details existing collaborations with DARPA and USAID while establishing guardrails against harmful use cases.

Disrupting malicious uses of AI: October 2025

OpenAI Blog

OpenAI released its October 2025 report on disrupting malicious uses of AI, detailing over 40 disrupted networks violating usage policies including state-affiliated threats, scams, and influence operations since February 2024.