UK cyber agency warns LLMs will always be vulnerable to prompt injection

The UK’s top cybersecurity agency, the National Cyber Security Centre (NCSC), has warned that prompt injection attacks, which exploit vulnerabilities in large language models (LLMs) by manipulating their inputs to produce unintended outputs, are fundamentally different from traditional SQL injection attacks. While SQL injection involves inserting malicious code into a database query to manipulate or access data, prompt injection targets the behaviour of LLMs by crafting inputs that cause the model to disregard its original instructions. This can lead to the generation of harmful content, unauthorised data disclosure, or unintended actions within systems that rely on LLMs. The NCSC suggests that a better approach to mitigating prompt injection might be to stop treating it as a form of code injection and instead view it as an exploitation of ‘confused deputy vulnerabilities’ (i.e. where a system can be coerced into performing a function that benefits the attacker, typically where a privileged component is coerced into making a privileged request on behalf of a less-privileged attacker). Addressing prompt injection therefore requires distinct strategies (with recommendations aligned with the ETSI standard TS 104 223 on Baseline Cyber Security Requirements for AI Models and Systems), as conventional security measures that are effective against SQL injection may not be applicable.
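To make the confused-deputy framing concrete, here is an added Python illustration (not code from the NCSC release or from The Legal Wire) of how a defender can bound what an LLM agent may do: tool calls proposed by the model are authorised against the privileges of the requesting user and of every source the model has read, never against the agent's own privileged access. The policy, principal names and scenario are all constructed for this example, and the intersection rule generalises slightly beyond the article's wording.

```python
# Added illustration (not from the NCSC release or The Legal Wire) of the
# confused-deputy view: an LLM agent holding privileged tools may act only with
# the privileges of the parties that shaped its input (the requesting user and
# every source fed into the context), never with its own. Names are constructed.
from dataclasses import dataclass

@dataclass(frozen=True)
class Principal:
    name: str
    privileges: frozenset

# Privilege a caller must hold to invoke each tool (constructed policy).
TOOLS = {
    "read_own_tickets": "read:own_tickets",
    "send_email": "send:email",
    "export_all_customers": "admin:export",
}

def effective_privileges(user, consumed_sources):
    """Intersect the user's privileges with those of every source the model read.
    Untrusted content (a customer ticket, a fetched web page) carries no rights,
    so once consumed the deputy can do nothing privileged, whatever it was told."""
    privs = set(user.privileges)
    for src in consumed_sources:
        privs &= src.privileges
    return frozenset(privs)

def filter_tool_calls(user, consumed_sources, proposed_calls):
    """Split model-proposed tool calls into (allowed, denied). Authorisation never
    consults the model's text: that is untrusted output, not policy."""
    allowed_privs = effective_privileges(user, consumed_sources)
    allowed, denied = [], []
    for call in proposed_calls:
        need = TOOLS.get(call)  # unknown tool -> None -> denied
        (allowed if need in allowed_privs else denied).append(call)
    return allowed, denied

# Constructed scenario: support agent 'alice' asks the assistant to summarise a
# ticket whose attacker-written body urges it to export the customer database.
ALICE = Principal("alice", frozenset({"read:own_tickets", "send:email"}))
INTERNAL_KB = Principal("internal-kb", frozenset(TOOLS.values()))
TICKET_TEXT = Principal("customer-ticket", frozenset())  # untrusted, no rights
ASSISTANT_WANTS = ["read_own_tickets", "export_all_customers", "send_email"]

def scenario():
    # Trusted context only: alice's own rights bound the deputy, export denied.
    trusted_only = filter_tool_calls(ALICE, [INTERNAL_KB], ASSISTANT_WANTS)
    # Untrusted ticket text also read: intersection is empty, everything denied.
    after_ticket = filter_tool_calls(ALICE, [INTERNAL_KB, TICKET_TEXT], ASSISTANT_WANTS)
    return trusted_only, after_ticket
```

Note that the export is refused even before any injected text is read, because the agent never holds more privilege than the person it acts for; reading untrusted content then narrows what remains.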

