- OpenAI says prompt injection attacks cannot be completely eliminated, only mitigated
- Malicious prompts hidden in websites can trick AI browsers into exfiltrating data or installing malware.
- OpenAI’s rapid response loop uses adversarial training and automated discovery to harden defenses
OpenAI claimed that while AI browsers may never be fully protected against prompt injection attacks, that doesn’t mean the industry should simply abandon the idea or admit defeat to scammers: there are ways to harden products.
The company has published a new blog post about cybersecurity risks in its AI-powered browser, Atlas, in which it shares its somewhat gloomy outlook.
“Prompt injection, like scams and social engineering on the web, will likely never be fully ‘solved,’” the blog reads. “But we are optimistic that a rapid, proactive response loop can continue to significantly reduce real-world risks over time. By combining automated attack discovery with adversarial training and system-level protections, we can identify new attack patterns sooner, close gaps faster, and continually increase the cost of operation.”
Fast response loop
So, what exactly is prompt injection and what is this “rapid response loop” approach?
Prompt injection is a type of attack in which a malicious prompt is “injected” into the victim’s AI agent without their knowledge or consent.
For example, an AI browser could be allowed to read all content on a website. If that website is malicious (or hacked) and contains a hidden prompt (white letters on a white background, for example), the AI can act on it without the user realizing it.
This prompt can be anything from exfiltrating sensitive files to downloading and running malicious browser add-ons.
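The hidden-text case described above can be checked before page content reaches an agent. The following is an added example, not code from OpenAI or from the original article: it separates text a user can see from text hidden by inline styling. The names `TextSplitter` and `split_page_text` are hypothetical, the sample page is constructed, and the sketch assumes hiding is done with inline `style` or the `hidden` attribute (stylesheet-based hiding needs a rendering engine to detect).

```python
import re
from html.parser import HTMLParser

VOID = {"br", "hr", "img", "input", "link", "meta", "source", "wbr"}
WHITE = {"white", "#fff", "#ffffff", "rgb(255,255,255)"}

def css_props(style):
    """Inline style -> {property: value}; spellings of white are folded."""
    pairs = (d.split(":", 1) for d in style.lower().split(";") if ":" in d)
    clean = ((k.strip(), v.replace(" ", "")) for k, v in pairs)
    return {k: "white" if v in WHITE else v for k, v in clean}

class TextSplitter(HTMLParser):
    def __init__(self):
        super().__init__()
        self.stack = [(False, "white")]  # (hidden, background); white page assumed
        self.visible, self.hidden = [], []

    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        p = css_props(a.get("style") or "")
        was_hidden, parent_bg = self.stack[-1]
        bg = p.get("background-color", parent_bg)
        hidden = (was_hidden or "hidden" in a or p.get("display") == "none"
                  or p.get("visibility") == "hidden" or p.get("opacity") in ("0", "0.0")
                  or re.fullmatch(r"0[a-z%]*", p.get("font-size", "")) is not None
                  or p.get("color") == bg)  # text colour equals its background
        if tag not in VOID:  # void elements have no end tag to pop on
            self.stack.append((hidden, bg))

    def handle_endtag(self, tag):
        if tag not in VOID and len(self.stack) > 1:
            self.stack.pop()

    def handle_data(self, data):
        text = " ".join(data.split())
        if text:
            (self.hidden if self.stack[-1][0] else self.visible).append(text)

def split_page_text(html):
    """Return (text to pass to the model, hidden text to flag for review)."""
    parser = TextSplitter()
    parser.feed(html)
    parser.close()
    return " ".join(parser.visible), parser.hidden

# Constructed sample: two hidden blocks carrying placeholder text.
SAMPLE = ('<body style="background-color:#fff"><p>Compare fares.<br>Updated daily.</p>'
          '<p style="color: #FFFFFF">[hidden instruction A]</p>'
          '<div style="display:none"><span>[hidden instruction B]</span></div></body>')
```

Only the first return value would be handed to the agent; a non-empty second value is a signal that the page is showing the model something it is not showing the user.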
OpenAI wants to fight fire with fire, it seems. It created a bot, trained through reinforcement learning, and let it be the hacker looking for ways to get in. It pits this bot against an AI defender, and the two go back and forth, trying to outwit each other. The end result is an AI defender capable of spotting most attacking techniques.




