Google has an estimated 1.8 billion Gmail users worldwide, and the company recently issued a major warning to all of those users about a "new wave of threats" to cybersecurity, given the advancements in artificial intelligence.
Earlier this summer, Google issued an important warning to all of its users about a new form of cybersecurity attack called "indirect prompt injections." This new threat puts individuals, businesses, and even governments at risk.
In an extensive blog post recently, Google explained the issue.
"With the rapid adoption of generative AI, a new wave of threats is emerging across the industry with the aim of manipulating the AI systems themselves. One such emerging attack vector is indirect prompt injections," Google wrote in its blog.
"Unlike direct prompt injections, where an attacker directly inputs malicious commands into a prompt, indirect prompt injections involve hidden malicious instructions within external data sources. These may include emails, documents, or calendar invites that instruct AI to exfiltrate user data or execute other rogue actions," the blog post continued.
The Google blog post warned that this puts individuals and entities at risk.
"As more governments, businesses, and individuals adopt generative AI to get more done, this subtle yet potentially potent attack becomes increasingly pertinent across the industry, demanding immediate attention and robust security measures," the blog post continued.
During a recent interview with The Daily Record, tech expert Scott Polderman opened up a bit about the threat, explaining that a scam involves the use of another Google product, Gemini, an AI assistant known as a chatbot.
"So hackers have figured out a way to use Gemini - Google's own AI - against itself," Polderman told The Daily Record. "Essentially, hackers are sending an email with a hidden message to Gemini to reveal your passwords without you even realizing."
"These hidden instructions are getting AI to work against itself and have you reveal your login and password information," he continued.
Polderman explained why people are particularly susceptible to the threat.
"There is no link that you have to click [to activate the scam]," Polderman said. "It's Gemini popping up and letting you know you are at risk."
The good news is that Google is already moving forward with some new security measures to help keep its users safe from these threats.
No comments:
Post a Comment