AI agents open door to new hacking threats
Cybersecurity experts are warning that artificial intelligence agents, widely considered the next frontier in the generative AI revolution, could wind up getting hijacked and doing the dirty work for hackers.
AI agents are programs that use artificial intelligence chatbots to do the work humans do online, like buy a plane ticket or add events to a calendar.
But the ability to order around AI agents with plain language makes it possible for even the technically non-proficient to do mischief.
"We're entering an era where cybersecurity is no longer about protecting users from bad actors with a highly technical skillset," AI startup Perplexity said in a blog post.
"For the first time in decades, we're seeing new and novel attack vectors that can come from anywhere."
These so-called injection attacks are not new in the hacker world, but previously required cleverly written and concealed computer code to cause damage.
But as AI tools evolved from just generating text, images or video to being "agents" that can independently scour the internet, the potential for them to be commandeered by prompts slipped in by hackers has grown.
"People need to understand there are specific dangers using AI in the security sense," said software engineer Marti Jorda Roca at NeuralTrust, which specializes in large language model security.
Meta calls this query injection threat a "vulnerability." OpenAI chief information security officer Dane Stuckey has referred to it as "an unresolved security issue."
Both companies are pouring billions of dollars into AI, the use of which is ramping up rapidly along with its capabilities.
- AI 'off track' -
Query injection can in some cases take place in real time when a user prompt -- "book me a hotel reservation" -- is gerrymandered by a hostile actor into something else -- "wire $100 to this account."
But these nefarious prompts can also be hiding out on the internet as AI agents built into browsers encounter online data of dubious quality or origin, and potentially booby-trapped with hidden commands from hackers.
Eli Smadja of Israeli cybersecurity firm Check Point sees query injection as the "number one security problem" for large language models that power AI agents and assistants that are fast emerging from the ChatGPT revolution.
Major rivals in the AI industry have installed defenses and published recommendations to thwart such cyberattacks.
Microsoft has integrated a tool to detect malicious commands based on factors including where instructions for AI agents originate.
OpenAI alerts users when agents doing their bidding visit sensitive websites and blocks proceeding until the software is supervised in real time by the human user.
Some security professionals suggest requiring AI agents to get user approval before performing any important task, like exporting data or accessing bank accounts.
"One huge mistake that I see happening a lot is to give the same AI agent all the power to do everything," Smadja told AFP.
In the eyes of cybersecurity researcher Johann Rehberger, known in the industry as "wunderwuzzi," the biggest challenge is that attacks are rapidly improving.
"They only get better," Rehberger said of hacker tactics.
Part of the challenge, according to the researcher, is striking a balance between security and ease of use since people want the convenience of AI doing things for them without constant checks and monitoring.
Rehberger argues that AI agents are not mature enough to be trusted yet with important missions or data.
"I don't think we are in a position where you can have an agentic AI go off for a long time and safely do a certain task," the researcher said.
"It just goes off track."
P.Serra--PC