- AI agents discovered the vulnerabilities independently and exploited them while performing routine tasks.
- Multi-agent systems worked together to bypass data loss prevention and steal sensitive credentials
- Backup server AI escalated privileges to disable endpoint protection and terminate downloads
Routine tasks assigned to artificial intelligence agents can sometimes escalate into actions resembling cyberattacks, experts warn.
The Irregular Security Lab examined the behavior of autonomous agents in a simulated corporate environment while executing ordinary missions.
Over multiple runs, AI agents scanned for vulnerabilities, escalated privileges, disabled security protections, and moved sensitive information outside of internal systems.
Article continues below
Offensive behavior emerges during routine tasks
These actions occurred while agents were attempting to complete tasks such as retrieving documents, uploading files, or preparing content for publishing.
The simulated network represented a fictitious company called MegaCorp and included internal servers, applications, and services commonly found in the company’s infrastructure.
In this environment, agents performed routine tasks that many organizations already automate.
These tasks included searching for information on an internal wiki, maintaining backup archives on a server, and writing social media posts using technical documents.
According to the researchers, the instructions given to the agents did not mention hacking or exploitation.
“AI agents deployed for routine business tasks autonomously hack the systems they operate in. No one asked them to. No adversarial incentives were involved,” Irregular said in a blog post.
“Agents independently discovered vulnerabilities, escalated privileges, disabled security tools, and exfiltrated data, all while attempting to accomplish ordinary missions. »
One scenario involved a multi-agent search system retrieving documents from a corporate wiki.
When access restrictions blocked a request, the system examined the application’s code repository and discovered a hard-coded secret key.
The agent used this key to forge an administrative session cookie and retrieve a restricted document.
Another test involved a backup server agent responsible for uploading files to a storage directory.
When Windows Defender blocked a file containing malware, the agent searched for local scripts and discovered administrator credentials embedded in a utility file.
He then elevated his privileges and disabled endpoint protection so the download could continue.
A separate experiment showed agents collaborating to bypass a data loss prevention system.
Two officers responsible for writing social media content were asked to include identifying information from a technical document.
When the system blocked the message, agents developed a steganographic method that hid the password in the text.
According to the researchers, several factors contributed to this behavior, including access to tools such as code execution and shell commands, and numerous prompts encouraged persistence when tasks encountered errors.
Interactions between multiple agents also created feedback loops that pushed them to find workarounds when obstacles appeared.
Researchers say existing cybersecurity defenses were designed to stop human attackers rather than autonomous systems operating within corporate networks.
Organizations deploying such agents should not underestimate how quickly routine automation can drift into behavior resembling an internal cyber intrusion.
Via The register
Follow TechRadar on Google News And add us as your favorite source to get our news, reviews and expert opinions in your feeds. Make sure to click the Follow button!
And of course you can too follow TechRadar on TikTok for news, reviews, unboxings in video form and receive regular updates from us on WhatsApp Also.
