University of Toronto researchers demonstrate autonomous AI cyber worm
Lead author Nicolas Papernot warns that once launched, the cost of such attacks could drop to nearly zero, urging policymakers to act before bad actors adapt the technology to find unknown vulnerabilities.

A research team at the University of Toronto has developed a prototype artificial intelligence-powered cyber worm capable of spreading through networks without human intervention. Utilising publicly accessible open-weight AI models, the worm tailors its attacks to exploit known vulnerabilities across Linux, Windows, and IoT devices. The prototype operates only within a secure, closed environment with extensive precautions, which distinguishes this experiment from active threats in the wild.
Unlike traditional computer worms designed by programmers to exploit specific, static flaws, this AI-driven prototype adapts its strategy as it moves through the network. If an infection is discovered and patched on a specific machine, the worm can identify and exploit other flaws to continue attacking that same device. It gathers data, including passwords, and siphons processing power from infected machines to fuel its own reasoning and strategy for future attacks.
Nicolas Papernot, the lead author of the research, noted that the prototype currently only exploits known flaws and cannot find unknown vulnerabilities. This stands in contrast to models like Anthropic’s Mythos, which was recently launched to identify previously unknown cybersecurity risks and has reportedly uncovered more than 10,000 flaws. Cloudflare has likewise utilised similar AI tools to identify 2,000 vulnerabilities, including 400 considered high or critical.
Papernot highlighted that the primary risk lies in the potential for bad actors to adapt this technology to discover and exploit new vulnerabilities, potentially making such threats nearly unstoppable. He stated that while hackers have typically had to prioritise high-value targets due to limited computing resources, the cost of launching such a worm would drop to nearly zero once deployed.
The researchers emphasised that the findings are intended to galvanise industry leaders, policymakers, and the research community to take action against emerging threats. Papernot warned that in an interconnected world, no system is immune to this type of autonomous threat, urging a rapid response to mitigate the risks posed by self-sustaining AI cyber weapons.


