AI agents open door to new hacking threats / Photo: Lionel BONAVENTURE - AFP/File
-
Nasdaq falls again on mixed day for US stocks, oil prices rise
-
Yoon grabs early Women's PGA Championship lead with Korda in hunt
-
France squad look to do grieving Deschamps proud in final World Cup group game
-
Will Taylor Swift and Travis Kelce wed in New York? Clues abound
-
Mayweather's Athens fight with Zambidis is off: report
-
Lawyer says Vondrousova 'should appeal' against four-year ban
-
Alonso committed to Aston Martin, but keeping options open
-
Hospitals raise alert as heatwave slams Europe
-
Events cancelled, records loom as heatwave reaches Germany
-
'Alligator Alcatraz' detention center shuts in US: official
-
Czech striker Schick ends international career
-
Tennis great Evert says 'relentless' cancer has returned
-
US says wants deal with Iran, but not 'at any price'
-
Colombian president-elect gives armed groups one month to surrender
-
US Supreme Court hands win to Bayer in weedkiller litigation
-
Apple raises prices for MacBooks and iPads, as costs soar over AI
-
UK suffers as heat breaks new June record
-
US Supreme Court says asylum seekers can be turned away before border
-
Binance to suspend crypto services in several EU countries
-
Olivia Wilde looks at evolving relationships in 'The Invite'
-
Hamilton reveals neck injury that hampered debut year with Ferrari
-
Rows, drones and 'sorry' Son as South Korea await World Cup fate
-
Noosha Aubel and Dietmar Woidke: How Potsdam Is Letting Down a Young Child with Profound Disabilities
-
Greek families receive keepsakes of Holocaust victims
-
Antonelli welcomes Mercedes upgrade ast Russell says beware Hamilton
-
Easyjet rejects latest takeover bid but leaves door ajar
-
HRW denounces Turkey arrests ahead of NATO summit
-
Macron hosts Meloni for Riviera talks after Trump rift
-
Alonso committed to Aston Martin, but is keeping options open
-
US Supreme Court paves way for mass deportation of Haitians, Syrians
-
Venezuelans trapped alive after twin quakes kill at least 164
-
South Africa vows firm response to anti-migrant violence
-
New Zealand make England toil as Stokes returns for series decider
-
Poland, Ukraine hold key Gdansk conference without Zelensky
-
Americans impacted by climate change demand answers from lawmakers
-
Massive police deployment blocks Kenya protest anniversary
-
Heat-struck Italians cool off in ancient stone 'trulli'
-
Court orders TotalEnergies to account for clients' emissions
-
French teaching unions call strike over 'unacceptable' heat
-
US Fed's preferred inflation gauge hits fresh three-year high
-
Venezuela twin quakes kill at least 164 with many trapped under rubble
-
Dominant Osaka cruises into Bad Homburg semis
-
IOC votes to continue ski mountaineering for 2030 Games
-
New Zealand frustrate England as Stokes returns for series decider
-
Stocks rally on AI optimism after Micron's blowout forecast
-
Poland, Ukraine tone down dispute at reconstruction conference
-
Tunisia's short-lived World Cup experience lays bare deep dysfunctions
-
At-risk UK elderly bid to stay cool as heatwave bears down
-
'Everything collapsed': Venezuela region hit hardest by quakes cries for help
-
'Need each other': Macron hosts Meloni after Trump rift
AI agents open door to new hacking threats
Cybersecurity experts are warning that artificial intelligence agents, widely considered the next frontier in the generative AI revolution, could wind up getting hijacked and doing the dirty work for hackers.
AI agents are programs that use artificial intelligence chatbots to do the work humans do online, like buy a plane ticket or add events to a calendar.
But the ability to order around AI agents with plain language makes it possible for even the technically non-proficient to do mischief.
"We're entering an era where cybersecurity is no longer about protecting users from bad actors with a highly technical skillset," AI startup Perplexity said in a blog post.
"For the first time in decades, we're seeing new and novel attack vectors that can come from anywhere."
These so-called injection attacks are not new in the hacker world, but previously required cleverly written and concealed computer code to cause damage.
But as AI tools evolved from just generating text, images or video to being "agents" that can independently scour the internet, the potential for them to be commandeered by prompts slipped in by hackers has grown.
"People need to understand there are specific dangers using AI in the security sense," said software engineer Marti Jorda Roca at NeuralTrust, which specializes in large language model security.
Meta calls this query injection threat a "vulnerability." OpenAI chief information security officer Dane Stuckey has referred to it as "an unresolved security issue."
Both companies are pouring billions of dollars into AI, the use of which is ramping up rapidly along with its capabilities.
- AI 'off track' -
Query injection can in some cases take place in real time when a user prompt -- "book me a hotel reservation" -- is gerrymandered by a hostile actor into something else -- "wire $100 to this account."
But these nefarious prompts can also be hiding out on the internet as AI agents built into browsers encounter online data of dubious quality or origin, and potentially booby-trapped with hidden commands from hackers.
Eli Smadja of Israeli cybersecurity firm Check Point sees query injection as the "number one security problem" for large language models that power AI agents and assistants that are fast emerging from the ChatGPT revolution.
Major rivals in the AI industry have installed defenses and published recommendations to thwart such cyberattacks.
Microsoft has integrated a tool to detect malicious commands based on factors including where instructions for AI agents originate.
OpenAI alerts users when agents doing their bidding visit sensitive websites and blocks proceeding until the software is supervised in real time by the human user.
Some security professionals suggest requiring AI agents to get user approval before performing any important task - like exporting data or accessing bank accounts.
"One huge mistake that I see happening a lot is to give the same AI agent all the power to do everything," Smadja told AFP.
In the eyes of cybersecurity researcher Johann Rehberger, known in the industry as "wunderwuzzi," the biggest challenge is that attacks are rapidly improving.
"They only get better," Rehberger said of hacker tactics.
Part of the challenge, according to the researcher, is striking a balance between security and ease of use since people want the convenience of AI doing things for them without constant checks and monitoring.
Rehberger argues that AI agents are not mature enough to be trusted yet with important missions or data.
"I don't think we are in a position where you can have an agentic AI go off for a long time and safely do a certain task," the researcher said.
"It just goes off track."
M.Fischer--AMWN
