Tuesday, July 16, 2024

AI Worm Developed by Researchers Spreads Automatically Between AI Agents

Researchers have developed what they claim to be one of the first generative AI worms, named Morris II, capable of autonomously spreading between AI systems.

This new form of cyberattack, reminiscent of the original Morris worm that wreaked havoc on the internet in 1988, signifies a potential shift in the landscape of cybersecurity threats.

The research, led by Ben Nassi from Cornell Tech, along with Stav Cohen and Ron Bitton, demonstrates the worm’s ability to infiltrate generative AI email assistants, extracting data and disseminating spam, thereby breaching security measures of prominent AI models like ChatGPT and Gemini.

The Rise of Generative AI and Its Vulnerabilities

As generative AI systems, such as OpenAI’s ChatGPT and Google’s Gemini, become increasingly sophisticated and integrated into various applications—ranging from mundane tasks like calendar bookings to more complex operations—so too does the potential for these systems to be exploited.

The researchers’ creation of the Morris II worm underscores a novel cyber threat that leverages the interconnectedness and autonomy of AI ecosystems.

A team of researchers has developed one of the earliest examples of generative AI worms, first reported by Wired.

These worms have the potential to spread from one system to another and may even be capable of stealing data or deploying malware during the process.

By employing adversarial self-replicating prompts, the worm can propagate through AI systems, hijacking them to execute unauthorized actions, such as data theft and malware deployment.

The implications of such a worm are far-reaching, posing significant risks to startups, developers, and tech companies that rely on generative AI systems.

The worm’s ability to spread autonomously between AI agents without detection introduces a new vector for cyberattacks, challenging existing security paradigms.

Security experts and researchers, including those from the CISPA Helmholtz Center for Information Security, emphasize the plausibility of these attacks and the urgent need for the development community to take these threats seriously.

Mitigating the Threat

Despite the alarming potential of AI worms, experts suggest that traditional security measures and vigilant application design can mitigate these risks.

Adam Swanda, a threat researcher at AI enterprise security firm Robust Intelligence, advocates for secure application design and the importance of human oversight in AI operations.

The risk of unauthorized activities can be significantly reduced by ensuring that AI agents do not perform actions without explicit approval.

Additionally, monitoring for unusual patterns, such as repetitive prompts within AI systems, can help in the early detection of potential threats.

Ben Nassi and his team also highlight the importance of awareness among developers and companies creating AI assistants.

Understanding the risks and implementing robust security measures are crucial steps in safeguarding against the exploitation of generative AI systems.

The research serves as a call to action for the AI development community to prioritize security in designing and deploying AI ecosystems.

The development of the Morris II worm by Nassi and his colleagues marks a pivotal moment in the evolution of cyber threats, highlighting the vulnerabilities inherent in generative AI systems.

The need for comprehensive security strategies becomes increasingly paramount as AI permeates various aspects of technology and daily life.

By fostering awareness and adopting proactive security measures, the AI development community can protect against the emerging threat of AI worms and ensure the safe and responsible use of generative AI technologies

You can block malware, including Trojans, ransomware, spyware, rootkits, worms, and zero-day exploits, with Perimeter81 malware protection. All are incredibly harmful, can wreak havoc, and damage your network.

Stay updated on Cybersecurity news, Whitepapers, and Infographics. Follow us on LinkedIn & Twitter


Latest articles

New Poco RAT Weaponizing 7zip Files Using Google Drive

The hackers weaponize 7zip files to pass through security measures and deliver malware effectively.These...

New ShadowRoot Ransomware Attacking Business Via Weaponized PDF’s

X-Labs identified basic ransomware targeting Turkish businesses, delivered via PDF attachments in suspicious emails...

Hacktivist Groups Preparing for DDoS Attacks Targeting Paris Olympics

Cyble Research & Intelligence Labs (CRIL) researchers have identified a cyber threat targeting the...

Critical Cellopoint Secure Email Gateway Flaw Let Attackers Execute Arbitrary Code

A critical vulnerability has been discovered in the Cellopoint Secure Email Gateway, identified as...

Singapore Banks to Phase out OTPs for Bank Account Logins Within 3 Months

The Monetary Authority of Singapore (MAS) and The Association of Banks in Singapore (ABS)...

GuardZoo Android Malware Attacking military personnel via WhatsApp To Steal Sensitive Data

A Houthi-aligned group has been deploying Android surveillanceware called GuardZoo since October 2019 to...

ViperSoftX Weaponizing AutoIt & CLR For Stealthy PowerShell Execution

ViperSoftX is an advanced malware that has become more complicated since its recognition in...
Divya is a Senior Journalist at GBhackers covering Cyber Attacks, Threats, Breaches, Vulnerabilities and other happenings in the cyber world.

Free Webinar

Low Rate DDoS Attack

9 of 10 sites on the AppTrana network have faced a DDoS attack in the last 30 days.
Some DDoS attacks could readily be blocked by rate-limiting, IP reputation checks and other basic mitigation methods.
More than 50% of the DDoS attacks are employing botnets to send slow DDoS attacks where millions of IPs are being employed to send one or two requests per minute..
Key takeaways include:

  • The mechanics of a low-DDoS attack
  • Fundamentals of behavioural AI and rate-limiting
  • Surgical mitigation actions to minimize false positives
  • Role of managed services in DDoS monitoring

Related Articles