OpenAI’s threat intelligence team tracked what it believes are two distinct clusters of activity online from groups with ties to China and posting content seemingly designed to stoke anger around divisive topics like AI and data centers.

The first, dubbed “Data Center Bandwagon,” used ChatGPT to create imagery and social media comments claiming data center buildouts were raising electricity prices for Americans.

Another used the tool to develop images and online posts characterizing tariffs as a covert means for the countries to exert control over the global technological landscape. According to OpenAI, the originating prompts directed ChatGPT to only include U.S. President Donald Trump in this content, while leaving out Chinese President Xi Jinping, who has also made use of tariffs.  

In both cases, OpenAI said the operators “likely originated” in China. The anti-data center content was traced to an unnamed Chinese technology company that holds multiple contracts with regional Chinese governments, and both clusters used VPNs to evade restrictions, prompted ChatGPT in simplified Chinese and asked for both English and Chinese-language outputs, all while posing as Americans on social media platforms like X and YouTube.

“This looks like a classic example of a foreign influence operation jumping onto the bandwagon of a genuine and pre-existing domestic debate and trying to manipulate it by using fake accounts posing as Americans,” online, said Ben Nimmo, principal investigator at OpenAI and author of the report. 

While OpenAI – which has sought to raise hundreds of millions of dollars in funding to build datacenters in the U.S. – is not a neutral party, the report does not claim that anti-data center sentiment in the country is being driven or bolstered by foreign propaganda online.

There’s little evidence that the campaigns got much attention outside their own amplification networks. Such engagement from third parties is an imperfect but important indicator of an influence operation’s impact. OpenAI rated the campaigns a 1 and 2 on the Bookings breakout scale, scores that indicate activity on one or more platforms but no evidence of meaningful engagement by targeted audiences.

Additionally, researchers who study state-sponsored influence campaigns say these groups are happy to latch onto and amplify genuine domestic movements or messaging so long as it serves their larger destabilization goals.

Others have suggested that piggybacking off established narratives with organic momentum – like public anger at AI and data centers – can make an influence operation appear more effective.

While AI tools can be leveraged to create such internet content at scale, they often fail to gain traction. Some images used by Chinese actors appear clunky or use overly direct messaging that display a lack of familiarity with both the English language and internet virality.

“I do want to be really clear here: this was not a case of an influence operation creating a debate,” said Nimmo. “The debate existed already. This was an influence operation from China trying to interfere in it. We didn’t see any signs that it succeeded.”

He added that while such views are “reasonable” and “sincerely held” by many participants on both sides, “what we don’t want to see is a covert foreign influence operation posing as Americans to try to shape it, still less a foreign influence operation using the very AI that it attacks.”

According to the OpenAI report, the actors used ChatGPT to edit work reports which contained operational security details about their social media campaigns. In them, they described their goals as “establishing persistent and credible accounts, producing visually appealing content to expand audience reach in different regions and maintaining long term account viability by anticipating platform enforcement.”

Another report fed into ChatGPT discussed how best to leverage Facebook’s content ecosystem, groups, pages, hashtags, advertising tools, recommendation systems and reporting mechanisms, as well as strategies for evading Meta’s detection of coordinated inauthentic accounts.

The campaign around tariffs also used ChatGPT to create short comments, comics in English but also Italian, Japanese and traditional Chinese accusing the US of putting profits over loyalty to its allies. OpenAI said they were targeted by the same network on X with an influence campaign alleging a widespread user data breach that Nimmo said “never happened.”

While OpenAI said the campaigns likely originated in China, they do not directly attribute the operations to the Chinese government or actors working on their behalf, but do note that many parts of the campaign and its tactics overlap with pre-established Chinese government propaganda campaigns online.

The post OpenAI: ‘Likely’ Chinese influence operation tried to use ChatGPT to stir debate on data centers  appeared first on CyberScoop.

The growth of data centers — and adversaries’ targeting of them — left lawmakers at a hearing Wednesday contemplating whether the federal government has the right setup for defending them.

Some industry witnesses and experts at the hearing of the House Homeland Security Subcommittee on Cybersecurity and Infrastructure Protection testified that the answer might be to give data centers their own standalone designation as a critical infrastructure sector.

The question of how to secure data centers against cyber and physical attacks coincides with artificial intelligence fuelling a boom in the building of such facilities across the United States. Last month, Iranian drones targeted two Amazon data centers in response to the U.S.-Israel bombing campaign on Iran, and a third data center in Bahrain was struck as well.

“If a major data center is attacked, disrupted, or taken offline, the consequences can reach far beyond one company or one sector,” Rep. Andy Ogles, R-Tenn., said in prepared opening remarks. “Yet our current framework does not provide a clear, unified approach to data center security. It does not clearly answer which federal agency is responsible for understanding the risk, coordinating with industry, or leading the response when this infrastructure is targeted.”

Three providers account for 63 percent of the market share of data centers: Amazon Web Services, Microsoft Azure and Google Cloud Platform. 

The United Kingdom already has deemed data centers as a standalone critical infrastructure sector. Reps. Vince Fong, R-Calif., and LaMonica McIver, D-N.J., asked panel witnesses Wednesday about federal protection of them.

“Given the scrutiny that is required to make sure that those data centers are secure, there would be a benefit in having them work together as a unique coordinating council,” said Robert Mayer, senior vice president for cybersecurity and innovation at USTelecom, an industry group.

The Foundation for Defense of Democracies’ Mark Montgomery suggested a sector that combines data centers and cloud providers, given the overlap in ownership. The 2024 rewrite of a White House national security memo left some experts disappointed that it didn’t designate cloud computing as a critical infrastructure sector. 

Samuel Visner, chair of the board of directors of the Space Information Sharing and Analysis Center, said he agreed, given the role data centers are playing in the U.S. economy, military and other dependencies. “Finding a way to regard them as part of our critical infrastructure and protect them accordingly is sine qua non, absolutely necessary,” he said.

A fourth witness didn’t weigh in on the need for a separate critical infrastructure designation. But Scott Algeier, executive director of Information Technology Information Sharing and Analysis Center, said his organization had created a “special interest group” for data center providers.

“The data centers are integrated already into the critical infrastructure discussions,” he told the panel.

The post Congress, industry ponder government posture for protecting data centers appeared first on CyberScoop.