AI agents open door to new hacking threats / Photo: © AFP/File
-
Iraqis vote in general election in rare moment of calm
-
Philippines digs out from Typhoon Fung-wong as death toll climbs to 18
-
'Demon Slayer' helps Sony hike profit forecasts
-
Who can qualify for 2026 World Cup in next round of European qualifiers
-
Ireland's climate battle is being fought in its fields
-
Sony hikes profit forecasts on strong gaming, anime sales
-
End to US government shutdown in sight as stopgap bill advances to House
-
'Western tech dominance fading' at Lisbon's Web Summit
-
Asian stocks rise as record US shutdown nears end
-
'Joy to beloved motherland': N.Korea football glory fuels propaganda
-
Taiwan coastguard faces China's might near frontline islands
-
Concentration of corporate power a 'huge' concern: UN rights chief
-
Indian forensic teams scour deadly Delhi car explosion
-
Trump says firebrand ally Greene has 'lost her way' after criticism
-
Show shines light on Mormons' unique place in US culture
-
Ukraine, China's critical mineral dominance, on agenda as G7 meets
-
AI agents open door to new hacking threats
-
Syria joins alliance against Islamic State after White House talks
-
As COP30 opens, urban Amazon residents swelter
-
NHL unveils new Zurich office as part of global push
-
Szalay wins Booker Prize for tortured tale of masculinity
-
'Netflix House' marks streaming giant's first theme park
-
UN warns of rough winter ahead for refugees
-
Brazil's 'action agenda' at COP30 takes shape
-
Trump threatens $1 billion action as BBC apologises for edit error
-
Sinner dominates injury-hit Auger-Aliassime in ATP Finals opener
-
Trump hails Syria's 'tough' ex-jihadist president after historic talks
-
Syria's ex-jihadist president meets Trump for historic talks
-
Top US court hears case of Rastafarian whose hair was cut in prison
-
US mediator Kushner and Netanyahu discuss phase two of Gaza truce
-
Trump threatens air traffic controllers over shutdown absences
-
US to remove warnings from menopause hormone therapy
-
UK water firm says 'highly likely' behind plastic pellet pollution incident
-
End to record-long US government shutdown in sight
-
France's ex-leader Sarkozy says after jail release 'truth will prevail'
-
Atalanta sack coach Juric after poor start to season
-
Trump threatens $1 billion action as BBC apologises for speech edit
-
Gattuso wants 'maximum commitment' as Italy's World Cup bid on the line
-
Indian capital car blast kills at least eight
-
Deadly measles surge sees Canada lose eradicated status
-
Brazil's Lula urges 'defeat' of climate deniers as COP30 opens
-
Strangled by jihadist blockade, Malians flee their desert town
-
US Supreme Court declines to hear case challenging same-sex marriage
-
Injured Courtois set to miss Belgium World Cup qualifiers
-
Bulatov, pillar of Russian contemporary art scene, dies at 92
-
Fritz sees off Musetti in ATP Finals
-
US strikes on alleged drug boats kill six more people
-
Sarkozy released from jail 'nightmare' pending appeal trial
-
COP30 has a mascot: the fiery-haired guardian of Brazil's forest
-
The Sudanese who told the world what happened in El-Fasher
NYSE - LSE
AI agents open door to new hacking threats
Cybersecurity experts are warning that artificial intelligence agents, widely considered the next frontier in the generative AI revolution, could wind up getting hijacked and doing the dirty work for hackers.
AI agents are programs that use artificial intelligence chatbots to do the work humans do online, like buy a plane ticket or add events to a calendar.
But the ability to order around AI agents with plain language makes it possible for even the technically non-proficient to do mischief.
"We're entering an era where cybersecurity is no longer about protecting users from bad actors with a highly technical skillset," AI startup Perplexity said in a blog post.
"For the first time in decades, we're seeing new and novel attack vectors that can come from anywhere."
These so-called injection attacks are not new in the hacker world, but previously required cleverly written and concealed computer code to cause damage.
But as AI tools evolved from just generating text, images or video to being "agents" that can independently scour the internet, the potential for them to be commandeered by prompts slipped in by hackers has grown.
"People need to understand there are specific dangers using AI in the security sense," said software engineer Marti Jorda Roca at NeuralTrust, which specializes in large language model security.
Meta calls this query injection threat a "vulnerability." OpenAI chief information security officer Dane Stuckey has referred to it as "an unresolved security issue."
Both companies are pouring billions of dollars into AI, the use of which is ramping up rapidly along with its capabilities.
- AI 'off track' -
Query injection can in some cases take place in real time when a user prompt -- "book me a hotel reservation" -- is gerrymandered by a hostile actor into something else -- "wire $100 to this account."
But these nefarious prompts can also be hiding out on the internet as AI agents built into browsers encounter online data of dubious quality or origin, and potentially booby-trapped with hidden commands from hackers.
Eli Smadja of Israeli cybersecurity firm Check Point sees query injection as the "number one security problem" for large language models that power AI agents and assistants that are fast emerging from the ChatGPT revolution.
Major rivals in the AI industry have installed defenses and published recommendations to thwart such cyberattacks.
Microsoft has integrated a tool to detect malicious commands based on factors including where instructions for AI agents originate.
OpenAI alerts users when agents doing their bidding visit sensitive websites and blocks proceeding until the software is supervised in real time by the human user.
Some security professionals suggest requiring AI agents to get user approval before performing any important task - like exporting data or accessing bank accounts.
"One huge mistake that I see happening a lot is to give the same AI agent all the power to do everything," Smadja told AFP.
In the eyes of cybersecurity researcher Johann Rehberger, known in the industry as "wunderwuzzi," the biggest challenge is that attacks are rapidly improving.
"They only get better," Rehberger said of hacker tactics.
Part of the challenge, according to the researcher, is striking a balance between security and ease of use since people want the convenience of AI doing things for them without constant checks and monitoring.
Rehberger argues that AI agents are not mature enough to be trusted yet with important missions or data.
"I don't think we are in a position where you can have an agentic AI go off for a long time and safely do a certain task," the researcher said.
"It just goes off track."
C.Kreuzer--VB
