AI Security Realities: Rethinking PII as the Sole Risk Indicator


During a recent engagement with a client a few weeks back, we delved into the initial phases of assessing his company’s cybersecurity posture ahead of a vulnerability assessment I was scheduled to conduct the following weekend. During our discussion, he expressed a common misconception I often hear from other business owners: “Our AI platform doesn’t collect any PII, so our cybersecurity exposure is zero.” It was one of those moments where I could almost visualize myself with a deer-in-the-headlights expression and a slight twitch.

Since the onset of COVID, the prevalence of ransomware attacks has surged significantly. One unintended consequence, in my opinion, is that it has either blinded or instilled fear in many business owners, leading them to believe that threat actors are solely interested in exfiltrating data for the dark web or holding it for ransom. While there is truth to this narrative, cybercrime predominantly operates on opportunity. Consequently, threat actors are more likely to ponder during their reconnaissance phase, “How can I maximize my opportunity once I gain access?”

Snapping out of my momentary daze, I turned to my client and posed a question of my own: “Imagine if a hacker got into your tech stack and messed with the code so that every three prompts led to a link to some shady site. How do you think that would affect you and your users?” Witnessing his “light bulb” moment was heartening; it signified to me a genuine desire for his company’s prosperity. I elaborated further, emphasizing that while we often fixate on Personally Identifiable Information (PII) as the primary concern in a security breach due to its allure in headlines, regulatory concerns, and potential reputational damage, the broader impact lies in unwittingly infecting or targeting thousands of users over an extended period. When engaging in such discussions, I always find it helpful to reference case studies, with SolarWinds and the New York Times being among my favorite examples for this type of conversation.

Case Study: SolarWinds

The SolarWinds cyberattack was a sophisticated supply chain attack discovered in December 2020. Threat actors compromised SolarWinds, a software company providing network management tools, by injecting malicious code into its Orion software updates. These updates were then distributed to SolarWinds customers, including numerous government agencies and corporations worldwide. The attackers, identified by the United States Government as the Russian Foreign Intelligence Service (SVR), gained access to sensitive data and networks, potentially for espionage purposes. Reportedly, over 18,000 customers received the tampered updates, and unauthorized access to affected systems might have persisted for a period of at least 10 months.

Case Study: The New York Times

Back in 2016, the New York Times was targeted by a malicious campaign that hijacked online advertisements to distribute “ransomware.” The attack primarily affected users in the US and utilized multiple ad networks, exploiting vulnerabilities such as a flaw in Microsoft’s Silverlight software. When users clicked on infected ads, they were redirected to servers hosting the malware, which employed the Angler exploit kit to gain access to their computers. The ransomware then encrypted users’ hard drives and demanded payment in bitcoin for decryption keys.

Understanding the Broader Impact: Beyond PII and into System Vulnerabilities

Why does this matter? In both instances, the threat actors weren’t solely fixated on the initial target’s PII. Their objective, in both cases, was to affect end users by infiltrating and altering the initial victim’s tech stack or software infrastructure. Following the presentation of these examples, the client indicated a deeper comprehension of some of the lesser-known threats confronting his platform.

One notable quote he permitted me to share for this post was, “As someone running a business, it’s simple to miss the wider consequences of a breach beyond mere data loss. Many of the rules we’re worried about in this area mainly revolve around protecting sensitive information like social security numbers, addresses, and birthdates. I should also be worried if my system could unintentionally harm others.” 

While I reassured him that the probability of such an event occurring to him might be relatively low, particularly with adequate controls in place, conducting a comprehensive risk assessment is paramount. It will provide us with a clearer understanding of the extent to which this concern is valid.

Protecting Your AI Model From Model Poisoning

AI model poisoning (commonly called data poisoning when the manipulation targets the training set) is a form of adversarial attack aimed at compromising the integrity and performance of machine learning models. In this type of attack, the adversary manipulates the training data fed into the model in such a way that it subtly alters the model’s behavior or output. The goal is to introduce biases or vulnerabilities into the model, leading it to make incorrect or undesirable predictions when deployed in real-world scenarios.

Model poisoning attacks can take various forms, such as injecting malicious data samples into the training dataset, manipulating existing data samples, or perturbing the model’s training process itself. The ultimate aim is to undermine the trustworthiness and reliability of the AI system, potentially leading to security breaches or misclassification of data.

Defending against AI model poisoning requires robust security measures throughout the AI development lifecycle, including rigorous data validation, secure model training processes, and ongoing monitoring for suspicious behavior or deviations from expected performance.

Some notable integrity controls as outlined by the OWASP AI Exchange are:

  • Incorporate human supervision and business logic to identify undesired model behavior, and take action to rectify or pause the model’s decision-making process.
  • Apply the principle of least model privilege to limit the model’s capacity to transmit inaccurate or sensitive data to other users.
  • Introduce Continuous Validation to identify abrupt changes induced by persistent attacks, such as model poisoning.
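
To make two of these controls concrete, here is an added example (it is not code from the post or from the OWASP AI Exchange) of what they look like as plain checks around a deployed model: a business-logic guard that holds any model response containing a link to a domain outside an allowlist for human review (the “every three prompts leads to a shady site” scenario from the conversation above), and a continuous-validation step that compares the model’s current prediction mix against a trusted baseline and re-scores a trusted holdout set, pausing the model when either shifts abruptly. The allowlisted domain, the thresholds, and all sample predictions are constructed for illustration.

```python
"""Added example, not from the original post: an output allowlist guard and a
continuous-validation check. Domain names, thresholds and sample data are
constructed for illustration."""
import re
from collections import Counter
from urllib.parse import urlparse

# Hypothetical allowlist of domains the platform is permitted to link users to.
ALLOWED_LINK_DOMAINS = {"example.com"}
URL_RE = re.compile(r"https?://[^\s)>\]\"']+")


def _domain_allowed(host, allowed):
    """True if host is an allowed domain or a subdomain of one."""
    return host in allowed or any(host.endswith("." + a) for a in allowed)


def check_output_links(response_text, allowed=ALLOWED_LINK_DOMAINS):
    """Business-logic guard on model output: return the link hosts that are not
    on the allowlist. Empty list = pass; anything else should be held for human
    review instead of being shown to the end user."""
    findings = []
    for url in URL_RE.findall(response_text):
        host = (urlparse(url).hostname or "").lower()
        if not _domain_allowed(host, allowed):
            findings.append(host)
    return findings


def label_distribution(predictions):
    """Fraction of each predicted label within a window of predictions."""
    counts = Counter(predictions)
    total = sum(counts.values())
    return {label: n / total for label, n in counts.items()}


def total_variation(baseline_preds, window_preds):
    """Total variation distance between the label distributions of a trusted
    baseline window and the current window (0 = identical, 1 = disjoint)."""
    p = label_distribution(baseline_preds)
    q = label_distribution(window_preds)
    labels = set(p) | set(q)
    return 0.5 * sum(abs(p.get(lbl, 0.0) - q.get(lbl, 0.0)) for lbl in labels)


def holdout_accuracy(results):
    """Accuracy on a trusted, version-controlled holdout set.
    results: iterable of (predicted_label, expected_label) pairs."""
    results = list(results)
    correct = sum(1 for pred, expected in results if pred == expected)
    return correct / len(results)


def validate_window(baseline_preds, window_preds, holdout_results,
                    tvd_threshold=0.2, min_accuracy=0.9):
    """Continuous validation: flag an abrupt shift in what the model predicts
    in production, or a drop on the trusted holdout set; either is how a
    poisoned retrain typically surfaces. Returns a dict so the caller can
    pause the model and page a human rather than silently continue."""
    tvd = total_variation(baseline_preds, window_preds)
    acc = holdout_accuracy(holdout_results)
    reasons = []
    if tvd > tvd_threshold:
        reasons.append(f"prediction distribution shifted (TVD={tvd:.2f})")
    if acc < min_accuracy:
        reasons.append(f"holdout accuracy dropped to {acc:.2f}")
    return {"tvd": tvd, "holdout_accuracy": acc,
            "pause_model": bool(reasons), "reasons": reasons}


if __name__ == "__main__":
    # Constructed sample data: a balanced baseline, a skewed current window,
    # and a holdout set on which two of ten answers are now wrong.
    baseline = ["billing"] * 50 + ["support"] * 50
    current = ["billing"] * 20 + ["support"] * 80
    holdout = [("billing", "billing")] * 8 + [("support", "billing")] * 2
    print(validate_window(baseline, current, holdout))
    print(check_output_links(
        "See https://docs.example.com/faq and http://not-example.net/x"))
```

The two checks are deliberately independent: the link guard runs on every response and needs no history, while the validation step runs on a schedule against a baseline captured when the model was last reviewed by a person, which is what turns the “pause the model” control into something that can fire automatically.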

As a cybersecurity professional, this degree of comprehension and endorsement from decision-makers is the goal we consistently pursue. Particularly within the swiftly evolving AI landscape, it’s crucial to establish and oversee controls that uphold the integrity of the system, because the consequences of a compromise do not always involve PII leakage.

It’s crucial to recognize that many decision-makers have been conditioned to perceive their primary threat as solely the sensitive data they possess. As practitioners, it’s our responsibility to expand the scope of the attack surface and identify other assets or processes that may be at risk if overlooked.


Drawing on over two decades of experience in the Information Technology industry, I have acquired a diverse range of roles that have shaped my distinctive outlook. Through this journey, I have developed into an accomplished authority in risk management, catering to Fortune 500 companies and small businesses on a global scale. Over the past 12 years, my primary focus has centered on empowering small business owners and insurance professionals to comprehend the ramifications of cyber incidents and effectively mitigate the risks associated with potential data breaches. My passion for cybersecurity has inspired me to create the Sage Knows IT blog. Through this platform, I aim to help small business owners and aspiring IT professionals understand the roadmap of the IT industry based on my experiences. Information Technology and Information Security are crucial for our future, and I hope my blog will motivate those who are interested in joining this ever-evolving field.
