Executive Summary
In 2025, OpenAI identified and disrupted a Chinese state-sponsored influence operation that utilized ChatGPT to orchestrate a global online harassment campaign targeting critics of the Chinese government. The operation involved generating and disseminating propaganda, crafting phishing emails, and impersonating U.S. officials to intimidate dissidents. The actors employed ChatGPT to create content in multiple languages, including English, Chinese, and Urdu, and to draft internal performance reviews detailing their activities. This campaign underscores the evolving use of AI tools in state-sponsored cyber operations, highlighting the need for vigilant monitoring and robust countermeasures to protect against such sophisticated threats.
Why This Matters Now
The incident highlights the increasing use of AI in state-sponsored influence operations, emphasizing the urgent need for enhanced cybersecurity measures and international cooperation to counteract such sophisticated threats.
Attack Path Analysis
The adversary initiated the campaign by leveraging ChatGPT to generate and edit reports on 'cyber special operations,' indicating a strategic use of AI tools for planning and documentation. Subsequently, they utilized ChatGPT to craft propaganda content targeting specific individuals, such as Japanese Prime Minister Sanae Takaichi, and to generate emails impersonating U.S. officials, aiming to deceive and manipulate targets. The operation expanded to include mass posting and content generation across various social media platforms, employing thousands of fake accounts to disseminate disinformation and harass critics. To maintain control and coordination, the adversary used ChatGPT to create internal performance reviews, detailing the steps taken to establish and run the operation. Finally, the impact of these activities was the widespread dissemination of disinformation, harassment of critics, and the potential manipulation of public opinion on a global scale.
Kill Chain Progression
Initial Compromise
Description
The adversary initiated the campaign by leveraging ChatGPT to generate and edit reports on 'cyber special operations,' indicating a strategic use of AI tools for planning and documentation.
MITRE ATT&CK® Techniques
Social Media Accounts
Phishing
Command and Scripting Interpreter
Application Layer Protocol
Impair Defenses
Develop Capabilities: Malware
Exploit Public-Facing Application
Process Injection
Potential Compliance Exposure
Mapping incident impact across multiple compliance frameworks.
NIST SP 800-53 – System Monitoring
Control ID: SI-4
PCI DSS 4.0 – Security Vulnerabilities Management
Control ID: 6.2
NYDFS 23 NYCRR 500 – Cybersecurity Policy
Control ID: 500.03
DORA – ICT Risk Management Framework
Control ID: Article 5
NIS2 Directive – Incident Handling
Control ID: Article 21
CISA ZTMM 2.0 – Identity
Control ID: Pillar 1
Sector Implications
Industry-specific impact of the vulnerabilities, including operational, regulatory, and cloud security risks.
Government Administration
Chinese state-sponsored influence operations targeting dissidents create significant risks for government communications, policy integrity, and protection of citizens from foreign interference campaigns.
Computer Software/Engineering
AI model exploitation for harassment campaigns and deepfake technology highlights critical vulnerabilities in software platforms enabling mass disinformation and automated influence operations.
Financial Services
Targeted phishing campaigns against U.S. finance professionals using AI-generated content and fake consulting firms pose substantial risks to sensitive economic intelligence.
Media Production
State actors using AI for propaganda generation and face-swapping technology threaten content authenticity, public trust, and democratic discourse through sophisticated disinformation campaigns.
Sources
- Chinese group’s ChatGPT use reveals worldwide harassment campaign against critics: https://cyberscoop.com/chinese-chatgpt-online-harassment-campaign-against-critics-dissidents/
- OpenAI claims China keeps using ChatGPT for misinformation operations against rest of the world: https://www.indiatoday.in/technology/news/story/openai-claims-china-keeps-using-chatgpt-for-misinformation-operations-against-rest-of-the-world-2736831-2025-06-06
- OpenAI takes down covert operations tied to China and other countries: https://www.opb.org/article/2025/06/05/openai-takes-down-covert-operations-tied-to-china/
- Disrupting deceptive uses of AI by covert influence operations: https://openai.com/index/disrupting-deceptive-uses-of-ai-by-covert-influence-operations/
Cloud Native Security Fabric (CNSF) Mitigations and Controls
Aviatrix Zero Trust CNSF is pertinent to this incident as it could likely limit the adversary's ability to exploit AI tools for malicious content creation and dissemination, thereby reducing the overall impact and reach of their disinformation campaign.
Control: Cloud Native Security Fabric (CNSF)
Mitigation: Implementing Aviatrix CNSF could likely limit unauthorized access to AI tools, thereby reducing the adversary's ability to generate and edit malicious reports.
Control: Zero Trust Segmentation
Mitigation: Aviatrix Zero Trust Segmentation could likely limit the adversary's ability to escalate privileges by restricting access to sensitive systems and data, thereby reducing the scope of their deceptive activities.
Control: East-West Traffic Security
Mitigation: Aviatrix East-West Traffic Security could likely limit the adversary's ability to move laterally within the network, thereby reducing their capacity to coordinate mass posting and content generation across multiple platforms.
Control: Multicloud Visibility & Control
Mitigation: Aviatrix Multicloud Visibility & Control could likely limit the adversary's ability to maintain command and control by providing comprehensive monitoring and management across cloud environments, thereby reducing their operational effectiveness.
Control: Egress Security & Policy Enforcement
Mitigation: Aviatrix Egress Security & Policy Enforcement could likely limit the adversary's ability to exfiltrate sensitive information by controlling outbound traffic, thereby reducing the risk of data leakage.
Implementing Aviatrix Zero Trust CNSF could likely limit the adversary's ability to disseminate disinformation and harass critics, thereby reducing the overall impact and reach of their campaign.
Impact at a Glance
Affected Business Functions
- Public Relations
- Social Media Management
- Brand Reputation Management
Estimated downtime: N/A
Estimated loss: N/A
Recommended Actions
Key Takeaways & Next Steps
- Implement Zero Trust Segmentation to restrict unauthorized access and lateral movement within networks.
- Enhance Threat Detection & Anomaly Response capabilities to identify and mitigate malicious activities promptly.
- Utilize Multicloud Visibility & Control to monitor and manage security across diverse cloud environments.
- Enforce Egress Security & Policy Enforcement to prevent unauthorized data exfiltration and external communications.
- Adopt Inline IPS (Suricata) to detect and prevent known exploit patterns and malicious payloads.