I have lost track of the number of services that I am being offered include “AI” to make them better, more helpful, intuitive, etc., etc., etc.. Even my Microsoft 365 for Business comes with AI interfering, sorry helping at every turn.
But what happens when the threat actors get their teeth into artificial intelligence and the systems that drive the new AI apps we are coming to depend on? Well of course researchers looking for that PhD or the next article they need to publish to keep tenure could not leave the subject alone and have now demonstrated how these large systems can be compromised.
ComPromptMized is doing nothing more complicated than using the AI process and some straight forward compromise code to exfiltrate sensitive data from a AI assisted email system. It is only research at the moment, but it works and I am sure it will not take long for the threat actors to get onboard.
Your takeaway from this?
If email systems could be compromised like this then it is time to reconsider using encryption as I explained here:
Clive Catton MSc (Cyber Security) – by-line and other articles
