U.S. State Department Investigates AI-Generated Impersonation of Secretary Marco Rubio
In a concerning development, an individual using an artificially generated voice to impersonate U.S. Secretary of State Marco Rubio contacted several foreign officials and U.S. government personnel last month. This incident, detailed in a diplomatic cable obtained by Reuters, highlights the growing risks posed by AI-driven cyber threats.
The impersonation occurred in mid-June, with the individual reaching out to three foreign ministers, a U.S. governor, and a member of Congress through the Signal messaging app. In some cases, the person sent text messages inviting the targeted individuals to communicate via Signal. Voicemails were also left for at least two of the recipients. The purpose of these interactions was likely to manipulate the individuals using AI-generated text and voice messages, aiming to gain access to sensitive information or accounts.
The Washington Post first reported on this incident, which comes shortly after another cybersecurity issue involving former National Security Advisor Mike Waltz. A group chat on Signal accidentally included a journalist who later received information about military strikes on Yemen.
While the State Department cable, dated July 3, noted that there is no direct cyber threat from this campaign, it warned that information shared with third parties could be exposed if the targeted individuals are compromised. The cable was sent to all diplomatic and consular posts, urging staff to warn external partners about fake accounts and impersonations.
No specific identities of the foreign ministers or U.S. officials involved have been disclosed. A senior State Department official confirmed the department is aware of the incident and is currently investigating the matter. “The Department takes seriously its responsibility to safeguard its information and continuously takes steps to improve the department’s cybersecurity posture to prevent future incidents,” the official said, speaking on the condition of anonymity.
Growing Concerns Over AI-Powered Cyber Threats
This incident is part of a broader trend where malicious actors are increasingly leveraging artificial intelligence to impersonate high-ranking officials. In mid-May, the FBI warned that bad actors were using text messages and AI-generated voice messages to target senior U.S. officials. The goal, according to the FBI, is to gain access to personal accounts of state and federal government officials.
Such access could be used to target other officials or their associates, potentially leading to the disclosure of sensitive information or even financial exploitation. Despite the severity of the threat, the FBI has not commented publicly on the recent incident involving Secretary Rubio.
The State Department cable also referenced a separate attempt in April, which was attributed to a Russia-linked hacker. In that case, the perpetrator conducted a phishing campaign targeting think tanks, Eastern European activists, and former State Department officials. The attacker used a fake “@state.gov” email address along with logos and branding from the Bureau of Diplomatic Technology.
“The actor demonstrated extensive knowledge of the department’s naming conventions and internal documentation,” the cable stated. The individual posed as a State Department official in messages sent to private Gmail accounts. The State Department attributed this campaign to a cyber actor associated with the Russian Foreign Intelligence Service.
Ongoing Cybersecurity Challenges
This latest incident follows reports that U.S. federal authorities are investigating an effort to impersonate White House Chief of Staff Susie Wiles. These events underscore the increasing sophistication of cyber threats and the need for continuous vigilance.
As AI technology becomes more advanced, the potential for misuse grows. Government agencies must remain proactive in identifying and mitigating these risks. The State Department has emphasized its commitment to improving cybersecurity measures and protecting sensitive information.
With the rise of AI-powered impersonation tactics, it is clear that both public and private sectors must collaborate to stay ahead of emerging threats. The lessons learned from these incidents will be crucial in shaping future cybersecurity strategies and ensuring the integrity of communications at the highest levels of government.
