Time to start pentesting your AI models, because there are a bunch of issues
Take action: It's time to start bounty programs and systemic pentesting of your AI/ML systems. Because they are built and implemented by people, and people make the same mistakes and security vulnerabilities..
Researchers have uncovered a series of critical vulnerabilities within the infrastructure that supports AI models and are raising the alarm that it's time for companies to start secuirty testing their AI.
In reality, large language models (LLM) and machine learning (ML) platforms are still a piece of software that runs on some infrastructure. It's deployed and maintained much like any other software platform - hence it's vulnerable to the same issues and even open to new vectors of exploiting those issues.
The risk posed by these vulnerabilities is not theoretical: Many large companies have already embarked on ambitious initiatives to leverage AI models in various aspects of their business operations. Banks employ machine learning and AI for tasks ranging from chatbots to mortgage processing and anti-money laundering efforts. As a result, vulnerabilities in AI systems tightly integrated into core banking could lead to the compromise of critical infrastructure and the theft of valuable personal information, intellectual property and money.
Some of the vulnerabilities tested on publicly available ML models remain unpatched even though the vulnerabilities are properly reported. This is not unexpected since organizations are quite slow at patching issues.
Key vulnerabilities of AI/ML that engineering and security teams need to consider:
It's time to start bounty programs and systemic pentesting of your AI/ML systems. Because they are built and implemented by people, and people make the same mistakes and security vulnerabilities. Time and again.