NEWS
Cyberattackers exploit AI tools and defences, new report warns
In recent findings from global cybersecurity leader Barracuda Networks, security researchers reveal how attackers are targeting and manipulating companies’ AI assistants and their security features.
Threat actors are now embedding malicious prompts in emails, which an AI assistant, like Microsoft 365’s Copilot, may inadvertently ingest when scanning for context. This could lead to the silent exfiltration of sensitive data or the execution of malicious commands.
Another key risk is RAG (Retrieval-Augmented Generation) poisoning, where manipulated emails corrupt an AI assistant’s memory, causing it to provide false information or make incorrect decisions. Attackers are also manipulating the AI components of security platforms, with the potential to trigger automated help desk tickets or sensitive data autoreplies.
The report also highlights “confused deputy” attacks, where an AI agent with high-level access performs unauthorised tasks on behalf of a lower-privileged user. To combat this, experts say email defences must become “agent-aware”, incorporating LLM-aware filtering and zero trust AI execution to validate all actions and prevent manipulation.
The report was authored and researched by a team of experts and professors. It stated: “Security researchers are now seeing threat actors manipulate companies’ AI tools and tamper with their AI security features to steal and compromise information and weaken a target’s defences. AI assistants and the Large Language Models (LLMs) that support their functionality are vulnerable to abuse.”
India reignites push for national data center policy
India’s Ministry of Electronics and Information Technology (MeitY) has restarted consultations on its draft national data center policy, five years after it was first announced, The Economic Times of India has reported.
The government is seeking to update its approach to attracting investment in the sector, which has seen rapid expansion, fuelled largely by AI-led growth. A limited stakeholder meeting took place recently, with industry representatives asked to submit recommendations. The original policy was intended to make India a more favorable location for data centers by providing single-window permissions, streamlining approvals, and offering incentives.
Despite many of the draft policy’s suggestions, such as dedicated ‘Data Centre Economic Zones’, being discussed, a significant challenge remains: securing permissions. While ten states have their own policies offering single-window clearance, obtaining the necessary approvals can still be a lengthy and complex process requiring over 30 separate permissions.
This complexity influences where companies choose to build. According to a Colliers India report, roughly 80% of India’s data center capacity is concentrated in three major metropolitan areas.
The government is now keen to distribute this capacity more evenly and plans to adopt elements from successful state-level policies. India’s data centre capacity, which currently stands at 1,263 MW, is projected to exceed 4,500 MW by 2030, with an anticipated investment of up to $25 billion.
12 INTELLIGENTCIO APAC www.intelligentcio.com