Recognising the threats

Recognising the threats

If an organisation is employing the use of AI either through cloud services or through locally build models, it must consider the potential threats to the data it holds. This article provides a very brief overview of the kind of threats an organisaitafion might face.

Advanced Persistent Threats

APT are sophisticated, often nation state threat actors, who seek to infiltrate, conduct espionage, or even disrupt an organisation. Such threat actors are now using the Frontier AI like LLMs to enhance their objectives by developing their attack techniques.

Frontier AI has been employed by a number of these threat actors in the recent months, these include

  • Forest Blizzard
  • Emerald Sleet
  • Charcoal Typhoon

Frontier AI, like LLMs could be used to automate attacks, improve phishing attempts by creating more convincing fake messages, or even identify and exploit vulnerabilities faster than humans can patch them.

For more information check out the detailed Microsoft article on this issue: Staying ahead of threat actors in the age of AI

Hacktivists

Hackers who carry out attacks for political or social causes, aiming to publicise an issue, cause disruption, or embarrass the organisation.

Supply Chain Attacks

Attackers might target less-secure elements in the supply chain, such as software vendors or third-party service providers, to gain access to the organisation’s network.

Insider Threats

The risk from insiders—employees or contractors who might intentionally or accidentally compromise the organisation’s security—is significant. This could occur through the mishandling of sensitive information, installing unauthorised software that could be vulnerable to attacks, or intentional acts of sabotage.

Cybercriminals

Individuals or organised crime groups engaged in criminal activities for personal gain, such as theft of trade secrets, fraud etc.

Rogue AI

There is a potential given evolving nature of the technology, that rogue AI technology could independently disrupt the work an organisation does. This would uncharted territory as (at least publicly) no such attack has taken place.