AI agents open door to new hacking threats / Photo: Lionel BONAVENTURE - AFP/File
-
New York mayor Mamdani pledges left-wing success after taking office
-
Slot frustrated by blunt Liverpool in Leeds stalemate
-
Toothless Liverpool held by Leeds
-
Dozens killed as fire ravages Swiss ski resort New Year party
-
K-pop stars BTS to release album in March ahead of world tour
-
Fresh clashes kill six in Iran cost-of-living protests
-
Nigeria kicks off new tax regime vowing relief for low earners
-
Dozens killed in fire at Swiss ski resort New Year party
-
Leftist Mamdani begins first day as New York mayor
-
Dozens believed killed in fire at Swiss ski resort New Year party
-
Brazil Supreme Court rejects Bolsonaro request for house arrest on health concerns
-
Israel confirms ban on 37 NGOs in Gaza
-
Russia blames Ukraine for deadly New Year drone strike
-
Coach Maresca leaves Chelsea - club
-
'Several dozen' believed killed in fire at Swiss ski resort New Year party
-
China's BYD logs record EV sales in 2025
-
Yemen separatists say Saudi-backed forces to deploy in seized territories
-
Wales rugby star Rees-Zammit signs long-term deal to stay at Bristol
-
'Several dozen' believed killed in fire at Swiss ski resort New Year bash
-
Hakimi, Salah and Osimhen head star-packed AFCON last-16 cast
-
Israel says it 'will enforce' ban on 37 NGOs in Gaza
-
Near record number of small boat migrants reach UK in 2025
-
Several dead as fire ravages bar in Swiss ski resort town Crans Montana: police
-
Tsitsipas considered quitting tennis during injury-hit 2025
-
Sabalenka wants 'Battle of the Sexes' rematch and revenge
-
Osaka drawing inspiration from family at United Cup
-
Leftist Mamdani takes over as New York mayor under Trump shadow
-
Israel's Netanyahu among partygoers at Trump's New Year's Eve fete
-
Champagnie, Wemby lead Spurs comeback in Knicks thriller
-
Eight dead in US strikes on alleged drug boats: US military
-
Trump joins criticism of Clooney's French passport
-
AI, chips boom sent South Korea exports soaring in 2025
-
Taiwan's president vows to defend sovereignty after China drills
-
N. Korea's Kim hails 'invincible alliance' with Russia in New Year's letter
-
In Venezuela, price of US dollar up 479 percent in a year
-
Cummins, Hazlewood in spin-heavy Australia squad for T20 World Cup
-
Ex-boxing champ Joshua discharged from hospital after fatal car crash
-
Kamenar to Open for Tom Hamilton of Aerosmith's New Band Close Enemies at the World-Famous Whisky a Go Go - January 3, 2026
-
SUPCASE Unveils Its 2026 Brand Evolution: Lighter in Form, Stronger in Purpose
-
The EPOMAKER RT82: Where Retro Meets Modern Technology
-
Zelensky says deal to end war '10 percent' away
-
Trump bashes Clooney after actor becomes French
-
We are '10 percent' away from peace, Zelensky tells Ukrainians
-
Trump says pulling National Guard from three cities -- for now
-
Ivory Coast top AFCON group ahead of Cameroon, Algeria win again
-
World welcomes 2026 after a year of Trump, truces and turmoil
-
Ivory Coast fight back to pip Cameroon for top spot in AFCON group
-
Second Patriots player facing assault charge
-
Trump-hosted Kennedy Center awards gala ratings plummet
-
Israel begins demolishing 25 buildings in West Bank camp
NYSE - LSE
| SCS | 0.12% | 16.14 | $ | |
| RBGPF | -0.37% | 80.75 | $ | |
| CMSD | 0.09% | 23.15 | $ | |
| GSK | -0.53% | 49.04 | $ | |
| CMSC | -0.15% | 22.65 | $ | |
| VOD | -0.15% | 13.21 | $ | |
| RIO | -0.61% | 80.03 | $ | |
| RELX | -1.71% | 40.42 | $ | |
| NGG | -0.54% | 77.35 | $ | |
| BCE | 1.05% | 23.82 | $ | |
| BCC | -0.26% | 73.6 | $ | |
| RYCEF | 0.13% | 15.51 | $ | |
| JRI | 0.22% | 13.61 | $ | |
| AZN | -0.63% | 91.93 | $ | |
| BP | -0.06% | 34.73 | $ | |
| BTI | 0.12% | 56.62 | $ |
AI agents open door to new hacking threats
Cybersecurity experts are warning that artificial intelligence agents, widely considered the next frontier in the generative AI revolution, could wind up getting hijacked and doing the dirty work for hackers.
AI agents are programs that use artificial intelligence chatbots to do the work humans do online, like buy a plane ticket or add events to a calendar.
But the ability to order around AI agents with plain language makes it possible for even the technically non-proficient to do mischief.
"We're entering an era where cybersecurity is no longer about protecting users from bad actors with a highly technical skillset," AI startup Perplexity said in a blog post.
"For the first time in decades, we're seeing new and novel attack vectors that can come from anywhere."
These so-called injection attacks are not new in the hacker world, but previously required cleverly written and concealed computer code to cause damage.
But as AI tools evolved from just generating text, images or video to being "agents" that can independently scour the internet, the potential for them to be commandeered by prompts slipped in by hackers has grown.
"People need to understand there are specific dangers using AI in the security sense," said software engineer Marti Jorda Roca at NeuralTrust, which specializes in large language model security.
Meta calls this query injection threat a "vulnerability." OpenAI chief information security officer Dane Stuckey has referred to it as "an unresolved security issue."
Both companies are pouring billions of dollars into AI, the use of which is ramping up rapidly along with its capabilities.
- AI 'off track' -
Query injection can in some cases take place in real time when a user prompt -- "book me a hotel reservation" -- is gerrymandered by a hostile actor into something else -- "wire $100 to this account."
But these nefarious prompts can also be hiding out on the internet as AI agents built into browsers encounter online data of dubious quality or origin, and potentially booby-trapped with hidden commands from hackers.
Eli Smadja of Israeli cybersecurity firm Check Point sees query injection as the "number one security problem" for large language models that power AI agents and assistants that are fast emerging from the ChatGPT revolution.
Major rivals in the AI industry have installed defenses and published recommendations to thwart such cyberattacks.
Microsoft has integrated a tool to detect malicious commands based on factors including where instructions for AI agents originate.
OpenAI alerts users when agents doing their bidding visit sensitive websites and blocks proceeding until the software is supervised in real time by the human user.
Some security professionals suggest requiring AI agents to get user approval before performing any important task - like exporting data or accessing bank accounts.
"One huge mistake that I see happening a lot is to give the same AI agent all the power to do everything," Smadja told AFP.
In the eyes of cybersecurity researcher Johann Rehberger, known in the industry as "wunderwuzzi," the biggest challenge is that attacks are rapidly improving.
"They only get better," Rehberger said of hacker tactics.
Part of the challenge, according to the researcher, is striking a balance between security and ease of use since people want the convenience of AI doing things for them without constant checks and monitoring.
Rehberger argues that AI agents are not mature enough to be trusted yet with important missions or data.
"I don't think we are in a position where you can have an agentic AI go off for a long time and safely do a certain task," the researcher said.
"It just goes off track."
M.Fischer--AMWN
