AI agents open door to new hacking threats / Photo: © AFP/File
-
US stocks cut losses on Netanyahu war comments as energy prices soar again
-
Forest beat Midtjylland on penalties to reach Europa League quarters
-
Netanyahu says Iran decimated as Tehran warns of 'zero restraint' in energy attacks
-
Salvadoran anti-corruption lawyer jailed to 'silence her', husband says
-
California to rename Cesar Chavez Day after sex abuse claims
-
Yazidi woman tells French court of rape, slavery and escape from IS
-
New FIFA ruling boosts prospects for women coaches
-
Megan Jones to captain England in Women's Six Nations
-
Trump says told Netanyahu not to attack Iran gas fields
-
MLS reveals shortened 2027 campaign details
-
FIFA planning for World Cup to 'go ahead as scheduled' amid Iran uncertainty
-
Braves outfielder Profar's full MLB season ban upheld: report
-
Mideast war exposing Europe's reliance on Gulf flights, airlines warn
-
Ghalibaf: Iran's new strongman running war effort
-
UN shipping body urges 'safe maritime corridor' in Gulf
-
Venezuelan student freed after months in US immigration custody
-
Trump to Japan PM: 'Why didn't you tell me about Pearl Harbor?'
-
US mulls lifting sanctions on Iranian oil at sea despite war on Tehran
-
IMF raises concern over global inflation, output over Iran war
-
Middle East war weighs on global trade outlook: WTO
-
Cunningham out for NBA Pistons with collapsed lung
-
Belarus frees 250 political prisoners in US-brokered deal
-
Iran attacks on gas and oil refineries heighten fears over war fallout
-
Fernandez 'completely committed' to Chelsea insists Rosenior
-
Call to add Nazi camps to UNESCO list
-
England cricket chiefs to front up to media over Ashes flop
-
'Miracle': Europe reconnects with lost spacecraft
-
Nigeria 'challenged by terrorism', president says on UK state visit
-
Woltemade deployed too deep to be dangerous at Newcastle, says Nagelsmann
-
Wimbledon expansion plan gets legal boost
-
EU summit fails to rally Orban behind stalled Ukraine loan
-
New Morocco coach praises 'well-deserved' Cup of Nations decision
-
Senegal to appeal CAF Africa Cup of Nations decision
-
'Mixing things up': Nagelsmann goes for flexibility in new Germany squad
-
Record-setter Hodgkinson hopes 'fourth time lucky' at world indoors
-
Atletico target Romero says his focus on Spurs' survival bid
-
Karalis hits prime form to threaten Duplantis surprise
-
Freshly returned Mbappe leads France squad for Brazil, Colombia friendlies
-
US earns its lowest-ever score on freedom index
-
Europe's super elite teach English clubs a Champions League lesson
-
What we know about the UK's deadly meningitis outbreak
-
Karl handed Germany debut as Musiala misses out with injury
-
What cargo ships are passing Hormuz strait?
-
Bank of England holds interest rate amid Middle East war
-
Energy prices soar, Iran and US trade threats after Qatar gas hit
-
'Surreal' for F1 world champion Norris to have Tussauds waxwork
-
Iran hangs three men in first executions over January protests
-
North Korea, Philippines qualify for 2027 Women's World Cup
-
Man Utd boss Carrick expects hard test against resolute Bournemouth
-
Oil prices surge, stocks sink on energy shock fears
AI agents open door to new hacking threats
Cybersecurity experts are warning that artificial intelligence agents, widely considered the next frontier in the generative AI revolution, could wind up getting hijacked and doing the dirty work for hackers.
AI agents are programs that use artificial intelligence chatbots to do the work humans do online, like buy a plane ticket or add events to a calendar.
But the ability to order around AI agents with plain language makes it possible for even the technically non-proficient to do mischief.
"We're entering an era where cybersecurity is no longer about protecting users from bad actors with a highly technical skillset," AI startup Perplexity said in a blog post.
"For the first time in decades, we're seeing new and novel attack vectors that can come from anywhere."
These so-called injection attacks are not new in the hacker world, but previously required cleverly written and concealed computer code to cause damage.
But as AI tools evolved from just generating text, images or video to being "agents" that can independently scour the internet, the potential for them to be commandeered by prompts slipped in by hackers has grown.
"People need to understand there are specific dangers using AI in the security sense," said software engineer Marti Jorda Roca at NeuralTrust, which specializes in large language model security.
Meta calls this query injection threat a "vulnerability." OpenAI chief information security officer Dane Stuckey has referred to it as "an unresolved security issue."
Both companies are pouring billions of dollars into AI, the use of which is ramping up rapidly along with its capabilities.
- AI 'off track' -
Query injection can in some cases take place in real time when a user prompt -- "book me a hotel reservation" -- is gerrymandered by a hostile actor into something else -- "wire $100 to this account."
But these nefarious prompts can also be hiding out on the internet as AI agents built into browsers encounter online data of dubious quality or origin, and potentially booby-trapped with hidden commands from hackers.
Eli Smadja of Israeli cybersecurity firm Check Point sees query injection as the "number one security problem" for large language models that power AI agents and assistants that are fast emerging from the ChatGPT revolution.
Major rivals in the AI industry have installed defenses and published recommendations to thwart such cyberattacks.
Microsoft has integrated a tool to detect malicious commands based on factors including where instructions for AI agents originate.
OpenAI alerts users when agents doing their bidding visit sensitive websites and blocks proceeding until the software is supervised in real time by the human user.
Some security professionals suggest requiring AI agents to get user approval before performing any important task - like exporting data or accessing bank accounts.
"One huge mistake that I see happening a lot is to give the same AI agent all the power to do everything," Smadja told AFP.
In the eyes of cybersecurity researcher Johann Rehberger, known in the industry as "wunderwuzzi," the biggest challenge is that attacks are rapidly improving.
"They only get better," Rehberger said of hacker tactics.
Part of the challenge, according to the researcher, is striking a balance between security and ease of use since people want the convenience of AI doing things for them without constant checks and monitoring.
Rehberger argues that AI agents are not mature enough to be trusted yet with important missions or data.
"I don't think we are in a position where you can have an agentic AI go off for a long time and safely do a certain task," the researcher said.
"It just goes off track."
M.Ouellet--BTB
