Skip to content
SPECIAL

THREATS TO CRITICAL INFRASTRUCTURE IN IRAN CONFLICT

READ MORE

When AI turns against the machine: The emerging threat of LLMs targeting AI infrastructure

(Igor Omilaev / Unsplash)

By Captain Scott Pleasants

The rapid integration of large language models and autonomous artificial intelligence (AI) systems into defense, critical infrastructure, and enterprise environments has created a fundamentally new attack surface—one that existing cybersecurity frameworks were not designed to address. This article examines the emerging threat of AI systems being leveraged to target AI infrastructure itself, with particular focus on four documented attack classes: sponge examples for resource exhaustion; neural trojan backdoor attacks; adversarial workload scheduling; and model extraction through black-box querying. Drawing on published academic research and documented adversary behavior from state-sponsored threat actors including Russia’s Sandworm unit and China’s People’s Liberation Army (PLA) Cyberspace Force, the article argues that AI infrastructure has become strategic infrastructure—requiring security treatment commensurate with that status. Defensive countermeasures exist for each attack class but remain largely unimplemented in operational environments.

In October 2022, Russia’s Sandworm—GRU Unit 74455—timed a cyberattack against Ukrainian power infrastructure to coincide with a mass missile strike on Ukrainian cities. The attack did not breach the grid with brute force. Sandworm had spent months learning the decision logic of the industrial control systems governing Ukrainian substations. When the moment came, it used that logic against itself—tripping circuit breakers through the grid’s own management software while operators watched dashboards that showed nothing obviously wrong. The lights went out. The source of the disruption was concealed. By the time engineers understood what had happened, the missiles had already landed.

That operational template—patient study of a target system’s decision architecture, embedding within its management layer, weaponizing its own logic—did not end with Ukrainian power infrastructure. It is coming for AI.

Read more at Small Wars Journal

Click to listen highlighted text!