Pillar Security’s State of Attacks on GenAI: 90% of Successful Attacks Seen in the Wild Resulted in Leaked Sensitive Data

On average AI attacks complete in just 42 seconds and include five interactions


TEL AVIV, Israel, Oct. 09, 2024 (GLOBE NEWSWIRE) -- Pillar Security, a pioneering company in GenAI security solutions, today released the industry’s first "State of Attacks on GenAI" research based on real-world analysis of more than 2,000 AI applications. In sharp contrast to earlier opinion and theoretical risk surveys, this data-driven research is based on Pillar's telemetry data derived from data interactions that occurred in production AI-powered applications over the past three months.

Key findings from the report include:

  • High Success Rate of Data Theft: 90% of successful attacks resulted in the leakage of sensitive data
  • Alarming Bypass Rate: 20 percent of jailbreak attack attempts successfully bypassed GenAI application guardrails
  • Rapid Attack Execution: Adversaries require an average of just 42 seconds to execute an attack
  • Minimal Interaction Needed: Attackers needed only five interactions on average with GenAI applications to complete a successful attack
  • Widespread Vulnerabilities: Attacks exploited vulnerabilities at every stage of interaction with GenAI systems, underscoring the critical need for comprehensive security measures
  • Increase in Frequency and Complexity: the analyzed attacks reveal a clear increase in both the frequency and complexity of prompt injection attacks, with users employing more sophisticated techniques and making persistent attempts to bypass safeguards as time progresses

"The widespread adoption of GenAI in organizations has opened a new frontier in cybersecurity," said Dor Sarig, CEO and co-founder of Pillar Security. "Our report goes beyond theoretical risks and, for the first time, shines a light on the actual attacks occurring in the wild, offering organizations actionable insights to fortify their GenAI security posture."

Highlights among the many other insights in the fact-filled report are:

  • Top Jailbreak Techniques, which include Ignore Previous Instructions--attackers direct AI systems to disregard their initial programming--and Base64 Encoding--malicious prompts encoded to evade security filters
  • Primary Attacker Motivations are stealing sensitive data, proprietary business information and PII and circumventing content filters to produce disinformation, hate speech, phishing messages and malicious code, among others
  • Curated and detailed list analyzes top attacks observed in real-world production AI apps
  • Looking Ahead to 2025, Pillar projects the evolution from chatbots to copilots and autonomous agents, alongside the proliferation of small, locally deployed AI models. This new era of AI adoption democratizes access but further expands attack surfaces, introducing additional security challenges for organizations.

"As we move towards AI agents capable of performing complex tasks and making decisions, the security landscape becomes increasingly complex," explained Sarig. "Organizations must prepare for a surge in AI-targeted attacks by implementing tailored red-teaming exercises and adopting a 'secure by design' approach in their GenAI development process."

The report emphasizes the inadequacy of traditional static security measures in the face of evolving AI threats. "Static controls are no longer sufficient in this dynamic AI-enabled world," added Jason Harrison, Pillar Security CRO. "Organizations must invest in AI security solutions capable of anticipating and responding to emerging threats in real-time, while supporting their governance and cyber policies.”

Pillar’s complete research report on the State of Attacks on GenAI is available on their website.

For more information on AI Security, please visit https://www.pillar.security/resources/buyer-guide.

To schedule a demo, please visit https://www.pillar.security/get-a-demo.

About Pillar Security
Pillar Security provides a unified platform to secure the entire AI lifecycle from development through production to usage. The platform integrates seamlessly with existing controls and workflows, and provides proprietary risk detection models, comprehensive visibility, adaptive runtime protection, robust governance features and cutting-edge adversarial resistance. Pillar's detection and evaluation engines are continuously optimized by training on large datasets of real-world AI app interactions, providing the highest accuracy and precision of AI-related risks.

Contact:
Hadar Yakir
Head of Marketing, Pillar Security
hadar@pillar.security