Abstract

We evaluate how generative AI exacerbates the cyber risks faced by senior citizens. We assess the risk that powerful LLMs can easily be misconfigured to serve a malicious purpose, and that platforms such as HackGPT or WormGPT can facilitate low-skilled script kiddies to replicate the effectiveness of high-skilled threat actors. We surveyed 85 seniors and found that the combination of loneliness and low cyber literacy places 87% of them at high risk of being hacked. Our survey further revealed that 67% of seniors have already been exposed to potentially exploitable digital intrusions and only 22% of seniors have sufficient awareness of risks to ask techno-literate for remedial assistance. Our risk analysis suggests that existing attack vectors can be augmented with AI to create highly personalized and believable digital exploits that are extremely difficult for seniors to distinguish from legitimate interactions. Technological advances allow for the replication of familiar voices, live digital reconstruction of faces, personalized targeting, and falsification of records. Once an attack vector is identified, certain generative polymorphic capabilities allow rapid mutation and obfuscation to deliver unique payloads. Both inbound and outbound risks exist. In addition to inbound attempts by individual threat actors, seniors are vulnerable to outbound attacks through poisoned LLMs, such as Threat GPT or PoisonGPT. Generative AI can maliciously alter databases to provide incorrect information or compromised instructions to gullible seniors seeking outbound digital guidance. By analyzing the extent to which senior citizens are at risk of exploitation through new developments in AI, the paper will contribute to the development of effective strategies to safeguard this vulnerable population.

This work is licensed under a Creative Commons Attribution 4.0 License.