AI gateways offer attackers the keys to the kingdom
As a growing number of organizations deploy AI gateways to manage access to foundation models, all signs point to them becoming yet another surface for security defenders to protect.
Researchers at Darktrace recently investigated an incident where a threat actor gained access to an EC2 server hosting an AI gateway connected to Amazon Bedrock services. The attacker used the access for cryptomining but could just as easily have abused the AI gateway to access connected models and data, manipulate AI workflows, or pivot deeper into the unnamed organization’s cloud environment to make it a much more serious compromise.
“This incident should be viewed as the tip of the iceberg,” advises Nathaniel Jones, vice president, security and AI strategy and field CISO at Darktrace. “AI gateways increasingly sit at the intersection of identity, cloud infrastructure, proprietary data, and access to multiple foundation models.”
Read more at Dark Reading