Large language models (LLMs) are used almost daily by technical people, and the question we need to ask ourselves as organizations is how secure it is to share data with LLM tools like ChatGPT.

According to reported data as of June 1, 2023, 10.8% of employees had used ChatGPT in the workplace and 8.6% had pasted company data into it since its launch. This poses a significant data-breach risk for organizations, especially those that are highly regulated. Healthcare and medical device, banking and financial services organizations are at much higher risk, because the data their employees are likely to paste into these tools is exactly the data they are obliged to protect.

Protecting intellectual property and personal data from accidentally or intentionally being leaked 

Before considering how to protect an organization’s intellectual property, it is important to understand the different threat vectors that exist because of Generative AI. These include:  

  • Data privacy: this is the leakage of sensitive or confidential information such as employee data, financial information, trade secrets, strategies, proprietary code/algorithms.  It is crucial to ensure that appropriate security measures are in place to protect this data and comply with relevant privacy regulations.​ 
     
  • Malicious code: ChatGPT or other AI services may be susceptible to malicious input or output intentionally designed to exploit vulnerabilities or manipulate the system. This could include attempts to extract sensitive information, inject malicious code, or manipulate the model’s behaviour. A user may also inadvertently download and run malicious code generated by these models.
     
  • Enterprise applications: applications built as consumers of these AI services will also have access to sensitive data. Software that observes activity and interaction with these AI services should undergo proper data loss prevention (DLP) assessments.
     
  • Third party plugins: plugins that leverage or connect to ChatGPT or other AI, when used in browsers, will have access to private data. They may also be insecure in themselves or interact with other insecure external services. 


How to reduce the cyber security risk with generative AI 

Now that we have identified some threat vectors, what can be done to make sure there is no data leakage or at least to significantly reduce the associated cyber risks? There are various solutions that can be undertaken including: 

  • Make sure that authorization checks are done before showing the response to the user’s question if a private instance of Generative AI is set up. 
  • Ensure that regulatory requirements for an organization are identified (Ex: PCI DSS, HIPAA, etc.) and consider those checks while implementing the solution. 
  • Mitigation measures that include enabling the appropriate safety and privacy settings in ChatGPT or other AI services, using the APIs directly, and deleting conversation history or the AI accounts altogether.
  • Security awareness programmes and the use of tools such as Zscaler or Datadog to block, filter and audit traffic and usage across these AI services.
  • Systems that implement data minimization and content filtering to add an extra layer of security.
  • Local, internal deployment of LLM models in a private network, so that employee data never leaves the network, although usually at the cost of diminished AI capabilities.
  • Source code security is crucial; code should be checked for plagiarism and obfuscation to make sure that the organization’s IP does not leave the network unchecked. Recently there have been legal challenges around organizations feeding proprietary data or code into ChatGPT as solutions. Organizations that do this may be at greater risk of being sued, or of having to rip out content or code obtained from ChatGPT that later turns out to belong to someone else.
  • Make sure that data in transit is encrypted (TLS, with the required security headers) and that no data is shared in clear text when implementing a ChatGPT solution.
  • Leverage Intent AI to identify any sensitive information being shared with Generative AI services.
  • Deploy adequate training for employees on how to use Generative AI safely, with the aim of getting them internally certified through robust cyber security awareness training.

A practical demonstration of how organizations can protect themselves 

Let’s explore how an “LLM shield” can work behind the scenes. First, create a proxy server and a browser extension, then install the extension on employees’ systems. Now, whenever someone accesses the ChatGPT web application, all their prompts are routed through this proxy server.

The server logs user details (after authentication and authorization), the source IP address and the prompt. It uses an AI model that identifies sensitive or PII information in the prompt and classifies the prompt’s sensitivity. Based on that classification, one can implement rules that either allow or deny the prompt from reaching ChatGPT’s servers.
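The screening step of such a proxy, written as an added example for this article (it is not the author’s proxy code). It assumes the HTTP listener and browser extension already deliver each prompt to `screen()`; regular-expression detectors plus a Luhn checksum stand in for the AI classifier; the severity levels, the allow/redact/deny thresholds, the `corp.example` hostname domain and the sample prompts are all constructed for the example.

```python
"""Prompt-screening step of an LLM "shield" proxy (added example, not the author's code).
Assumed: proxy plumbing delivers prompts here; regex + Luhn detectors stand in for the
AI classifier; severities, thresholds, hostname domain and sample prompts are constructed.
"""
import hashlib
import re
from dataclasses import dataclass
from typing import Dict, List, Optional

# Detector name -> (pattern, severity). Severities are assumed values:
# 1 = low (internal identifiers: allow but log), 2 = medium (personal data:
# redact before forwarding), 3 = high (secrets: deny outright).
DETECTORS = {
    "email":             (re.compile(r"\b[\w.+-]+@[\w-]+\.[\w.-]+\b"), 2),
    "ssn":               (re.compile(r"\b\d{3}-\d{2}-\d{4}\b"), 3),
    "card_number":       (re.compile(r"\b(?:\d[ -]?){13,19}\b"), 3),
    "aws_access_key":    (re.compile(r"\bAKIA[0-9A-Z]{16}\b"), 3),
    "private_key":       (re.compile(r"-----BEGIN (?:RSA |EC |OPENSSH )?PRIVATE KEY-----"), 3),
    "internal_hostname": (re.compile(r"\b[\w-]+\.corp\.example\b"), 1),  # assumed domain
}


def luhn_ok(digits: str) -> bool:
    """Luhn checksum: filters out digit runs (ticket numbers etc.) that merely look like cards."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:
            d = d * 2 - 9 if d > 4 else d * 2
        total += d
    return total % 10 == 0


@dataclass
class Finding:
    kind: str
    severity: int
    count: int


@dataclass
class Decision:
    action: str               # "allow" | "redact" | "deny"
    forwarded: Optional[str]  # text sent upstream, None when denied
    log: Dict


def classify(prompt: str) -> List[Finding]:
    """Run every detector over the prompt and report what matched."""
    findings = []
    for kind, (pattern, severity) in DETECTORS.items():
        matches = pattern.findall(prompt)
        if kind == "card_number":  # keep only Luhn-valid numbers to cut false positives
            matches = [m for m in matches if luhn_ok(re.sub(r"\D", "", m))]
        if matches:
            findings.append(Finding(kind, severity, len(matches)))
    return findings


def redact(prompt: str, findings: List[Finding]) -> str:
    """Replace each matched value with a placeholder naming the detector."""
    out = prompt
    for f in findings:
        pattern, _ = DETECTORS[f.kind]
        out = pattern.sub(f"[REDACTED-{f.kind.upper()}]", out)
    return out


def screen(user: str, src_ip: str, prompt: str, deny_at: int = 3, redact_at: int = 2) -> Decision:
    """Classify a prompt, apply the allow/redact/deny policy and build the audit record."""
    findings = classify(prompt)
    level = max((f.severity for f in findings), default=0)
    if level >= deny_at:
        action, forwarded = "deny", None
    elif level >= redact_at:
        action, forwarded = "redact", redact(prompt, findings)
    else:
        action, forwarded = "allow", prompt
    # Log a hash of the prompt, not the prompt itself: otherwise the proxy's own
    # log becomes a second copy of the sensitive data it was built to contain.
    log = {
        "user": user,
        "src_ip": src_ip,
        "prompt_sha256": hashlib.sha256(prompt.encode("utf-8")).hexdigest(),
        "sensitivity": level,
        "findings": {f.kind: f.count for f in findings},
        "action": action,
    }
    return Decision(action, forwarded, log)


# Constructed sample prompts covering each policy outcome.
SAMPLE_PROMPTS = [
    ("alice", "10.0.0.5",  "Summarise this meeting: roadmap review, ship the Q3 feature."),
    ("bob",   "10.0.0.6",  "Draft an email to jane.doe@example.com about the invoice."),
    ("carol", "10.0.0.7",  "Why does boto3 fail with key AKIAIOSFODNN7EXAMPLE?"),
    ("dave",  "10.0.0.8",  "Card 4111 1111 1111 1111 was declined, what is wrong?"),
    ("erin",  "10.0.0.9",  "Ticket 1234 5678 9012 3456 is the order ref, summarise it."),
    ("frank", "10.0.0.10", "Why does db01.corp.example keep timing out?"),
]


def run_samples() -> List[Decision]:
    return [screen(user, ip, prompt) for user, ip, prompt in SAMPLE_PROMPTS]


if __name__ == "__main__":
    for d in run_samples():
        print(d.log["user"], d.action, d.log["findings"], "->", d.forwarded)
```

Two points a practitioner would want from this step: the audit log stores a SHA-256 of the prompt rather than the prompt text, so the shield’s own logs do not become the data leak they were deployed to stop; and the middle tier redacts rather than blocks, which keeps employees productive while still keeping personal data off the upstream service. The Luhn check shows why a pure pattern match is not enough: the ticket number in the fifth sample has the shape of a card number but is forwarded unchanged.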

Final thoughts 

Most cyber security risks can be reduced through education and by increasing employees’ awareness within the organization. However, this article addresses only the cyber risks of generative AI; consideration should also be given to its legal implications.
 
The rise of Generative AI presents both unprecedented opportunities and formidable challenges for enterprises. While this technology holds the potential to revolutionize many aspects of business, from content creation to customer interaction, it simultaneously introduces a new and significant attack surface, and regular cyber security awareness training remains the most broadly effective way to reduce it.
 
Fostering a culture of cyber security awareness among employees is crucial to prevent the inadvertent misuse of Generative AI-generated content. The evolving landscape of AI-driven threats demands a proactive approach from enterprises. By staying vigilant, adapting security protocols, and leveraging advanced technologies to stay one step ahead of potential threats, organizations can harness the transformative potential of Generative AI while safeguarding their confidential and sensitive data.
