
Add 'prompt' to the long list of injection attacks

By Stu Sjouwerman

May 5, 2023

Injection attacks have been around a long time and are still one of the most dangerous attack vectors used by cybercriminals. An injection attack occurs when a threat actor “injects,” or provides, non-validated input to a program. This input gets processed as part of a command or query, which in turn manipulates, changes or overrides the execution of the program. Injection attacks are known to cause data loss, data corruption, security breaches, leakage of information and loss of control. A ‘successful’ injection can empower adversaries with administrator privileges, allowing them to access or manipulate database information without authorization.

Considered a top web security risk, injection attacks usually aim at web applications. Although injection attacks come in a variety of flavors, certain attack types are more common than others. A 2022 study by Radware reported the most common types of injection attacks include predictable resource location, code injection and SQL injection attacks, while overall attacks on web applications grew by 128%.

Experts warn of a new type of injection attack aimed at AI

Generative AI bots such as ChatGPT and Google Bard are designed to give human-like responses and narratives and follow instructions when “prompted” with questions. However, studies show these tools can be manipulated to accomplish malicious tasks, respond in undesirable ways, reveal sensitive information or ignore their safety filters if prompts are carefully tailored or engineered to overcome AI guardrails — a.k.a. prompt injection attacks. 

Prompt injection attacks draw parallels with code injection attacks, where attackers insert malicious code via an input to a system. The key difference between the two is that with AI, the “input” is the prompt itself. Prompt injection attacks may grow to become more common than standard injection attacks because the barriers to entry are extremely low. Even if someone has no coding or technical skills, they can still trick AI into following their instructions as long as they are clever and creative with their ill-intentioned prompts.

AI-enhanced tools can be turned into sophisticated phishers

Businesses and startups have already started integrating ChatGPT plugins to develop AI-enhanced virtual assistants that help with appointment setting and bookings, customer service, social media and other applications. Even Cornell University’s computer science labs are studying this phenomenon. These chatbots can be exploited, manipulated or hijacked to retrieve sensitive information using a new technique called indirect prompt injection.

AI-enhanced chatbots operate by scraping information off web pages and therefore they can be triggered to follow a malicious instruction without requiring further input from a user. Imagine a situation where a hacker poisons a webpage and hides malicious prompts by adding comments or using zero-point fonts on the webpage. A researcher recently demonstrated that he was able to successfully leverage Microsoft Bing Chat and generate phishing messages that looked like they came from a Microsoft employee. The chatbot even requested the user’s credit card information. 

The scary part about indirect prompt injection is that attackers do not need to take over or control the entire website that the user visits. All they need to do is inject regular text or a comment into the webpage and make it invisible to the user, for example by changing the font color to white. When the chatbot ingests this content, it reprograms its goals based on the prompt provided. As long as the poisoned web page remains open, the injection will remain active.
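The hiding tricks described above (comments, zero-size fonts, white text) can be screened for before a page is handed to a chatbot. The following is an added example, not code from the article or from any product it mentions; the names `split_page` and `VisibleTextExtractor` and the sample page are constructed, and the sketch assumes well-nested markup, inline `style` attributes only and a white page background.

```python
import re
from html.parser import HTMLParser

# Inline-style signs of text a reader cannot see: zero-size font, white text
# (assumes a white background), display:none. "background-color" is excluded.
HIDDEN_STYLE = re.compile(
    r"font-size\s*:\s*0(?![.\d])|(?<![\w-])color\s*:\s*(?:white|#fff(?:fff)?)\b"
    r"|display\s*:\s*none", re.I)
VOID_TAGS = {"br", "img", "hr", "input", "meta", "link", "wbr"}

class VisibleTextExtractor(HTMLParser):
    """Separates text a reader sees from text only a scraper would ingest."""
    def __init__(self):
        super().__init__()
        self.visible, self.hidden = [], []
        self._stack = []  # one flag per open element: hidden (itself or ancestor)

    def handle_starttag(self, tag, attrs):
        if tag in VOID_TAGS:
            return
        style = dict(attrs).get("style") or ""
        inherited = bool(self._stack and self._stack[-1])
        self._stack.append(inherited or bool(HIDDEN_STYLE.search(style)))

    def handle_endtag(self, tag):
        if tag not in VOID_TAGS and self._stack:
            self._stack.pop()

    def handle_data(self, data):
        text = data.strip()
        if text:
            hidden = bool(self._stack and self._stack[-1])
            (self.hidden if hidden else self.visible).append(text)

    def handle_comment(self, data):
        if data.strip():
            self.hidden.append(data.strip())  # comments are never rendered

def split_page(html):
    """Return (visible_text, hidden_fragments) for one HTML document."""
    parser = VisibleTextExtractor()
    parser.feed(html)
    parser.close()
    return " ".join(parser.visible), parser.hidden

# Constructed sample page; the hidden strings are neutral placeholders.
SAMPLE = """<html><body><h1>Spring offers</h1>
<p style="background-color: white">Free shipping this week.</p>
<!-- hidden instruction in a comment -->
<span style="font-size:0">hidden instruction in zero-size font</span>
<div style="color:#FFFFFF"><b>hidden instruction in white text</b></div>
</body></html>"""
```

Only the visible text would be passed on to the model; a non-empty list of hidden fragments is a reason to log the page and review it, since text hidden through external stylesheets or scripts is not covered by this check.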

How can organizations protect against prompt injection attacks?

To mitigate risks related to prompt injection attacks, businesses need a multi-pronged approach that builds secure behavior in employees as well as safeguards AI technology against malicious attacks. From an employee standpoint, users should be comprehensively trained to recognize scams and social engineering attacks that are delivered using AI. At the AI level, organizations should consider building stronger filters and rules that prevent AI from behaving unexpectedly, for instance by experimenting with methods such as reinforcement learning from user feedback so that AI models better align with business expectations. Introducing bug bounty programs can also incentivize users to research and report vulnerabilities and weaknesses in AI.

Don’t forget that security is a cat and mouse game. Every time AI becomes stronger and more secure, threat actors will discover new ways to work around it. This is why it’s crucial for organizations to not limit mitigation activity strictly to technical controls, but to support those efforts with investments in training people to be aware of these various AI prompts and injection attack types.

This article originally ran in Today’s Cybersecurity Leader, a monthly cybersecurity-focused eNewsletter for security end users, brought to you by Security magazine.


Stu Sjouwerman is founder and CEO of KnowBe4, developer of security awareness training and simulated phishing platforms. He was co-founder of Sunbelt Software, the anti-malware software company acquired in 2010. He is the author of four books, including “Cyberheist: The Biggest Financial Threat Facing American Businesses.” He can be reached at ssjouwerman@knowbe4.com.

 
