2024-09-18

The pace of AI development continues to accelerate, but many organizations are failing to apply basic security measures to their models and tools, according to new research from Orca Security.

The cloud security vendor published the "2024 State of AI Security Report" on Wednesday that detailed alarming risks and security shortcomings in AI models and tools. Orca researchers compiled the report by analyzing data from cloud assets on AWS, Azure, Google Cloud, Oracle Cloud and Alibaba Cloud.

The report found that although AI usage has surged among organizations, many are not deploying the tools securely, which is concerning. For example, Orca warned that organizations struggle to disable risky default settings that could allow attackers to gain root access, deploy packages with vulnerabilities that threat actors could exploit or unknowingly expose sensitive code.

This is the latest report highlighting ongoing security risks with the rapid adoption of AI. Last month, Veracode also warned that developers are putting security second when it comes to using AI to write code. Now, Orca has shed light on how the problems continue to grow within enterprises.

While 56% of organizations deploy their own AI models for collaboration and automation, a significant number of the software packages they use contain at least one CVE.

"Most vulnerabilities are low to medium risk -- for now. [Sixty-two percent] of organizations have deployed an AI package with at least one CVE. Most of these vulnerabilities are medium risk with an average CVSS score of 6.9, and only 0.2% of the vulnerabilities have a public exploit (compared to the 2.5% average)," Orca wrote in the report.

Insecure configurations and controls

Orca found that Azure OpenAI was the AI service organizations most frequently used to build custom applications, but there are concerns. The report stated that 27% of organizations did not configure Azure OpenAI accounts with private endpoints, which could allow attackers to "access, intercept, or manipulate data transmitted between cloud resources and AI services."

The report highlighted a significant problem with the default settings for Amazon SageMaker, a machine learning service that organizations use to develop and deploy AI models in the cloud. Disabling risky default settings in general is a massive problem organizations face when it comes to leveraging AI tools and platforms in business environments.

"The default settings of AI services tend to favor development speed rather than security, which results in most organizations using insecure default settings. For example, 45% of Amazon SageMaker buckets are using non-randomized default bucket names, and 98% of organizations have not disabled the default root access for Amazon SageMaker notebook instances," the report said.

Orca warned that an attacker could use the root access to gain privileged access to perform any action on the asset. Another problem with Amazon SageMaker, which extends to all the cloud providers included in the report, is that organizations are not using self-managed encryption keys.

A related issue flagged in the report was a lack of encryption protection. For example, 98% of organizations using Google Vertex hadn't enabled encryption at rest for their self-managed keys. While the report noted that some organizations may have encrypted their data through other means, it warned that the risks are significant.

"This leaves sensitive data exposed to attackers, increasing the chances that a bad actor can exfiltrate, delete, or alter the AI model," Orca wrote.

The report also highlighted security risks associated with AI platforms like OpenAI and Hugging Face. For example, Orca found that 20% of organizations using OpenAI have an exposed access key and 35% of companies have an exposed Hugging Face access key. Wiz researchers also showed how vulnerable Hugging Face is in research presented during Black Hat USA 2024 last month. The researchers demonstrated how they were able to compromise the AI platform and gain access to sensitive data.

Vulnerabilities are just one issue Orca Security highlighted in a new report on AI security risks.
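The three SageMaker findings above (default root access left enabled on notebook instances, non-randomized default bucket names, and no self-managed encryption keys) can be turned into a simple configuration audit. The following is an added example, not code from Orca or the report: it checks records shaped like boto3 `describe_notebook_instance` output (the `RootAccess` and `KmsKeyId` keys are real response fields) and bucket names against those three findings, using constructed sample data and an assumed regex for the `sagemaker-<region>-<account-id>` default bucket name.

```python
import re

# SageMaker's default bucket name is sagemaker-<region>-<account-id>; the
# regex is this example's own assumption about that pattern, not from the report.
DEFAULT_BUCKET_RE = re.compile(r"^sagemaker-[a-z]{2}-[a-z]+-\d-\d{12}$")


def audit_notebook(desc: dict) -> list[str]:
    """Return findings for one notebook instance description.

    `desc` mirrors the shape of boto3 describe_notebook_instance output;
    the sample records below are constructed, not real account data.
    """
    findings = []
    # Report finding: 98% of orgs have not disabled default root access.
    # A missing RootAccess key is treated as the risky default (assumption).
    if desc.get("RootAccess", "Enabled") == "Enabled":
        findings.append("root access enabled")
    # Report finding: self-managed (customer-managed) keys are rarely used.
    if not desc.get("KmsKeyId"):
        findings.append("no customer-managed KMS key")
    return findings


def audit_bucket(name: str) -> list[str]:
    # Report finding: 45% of SageMaker buckets keep the default bucket name.
    return ["non-randomized default bucket name"] if DEFAULT_BUCKET_RE.match(name) else []


SAMPLE_NOTEBOOKS = [  # constructed sample records
    {"NotebookInstanceName": "nb-default", "RootAccess": "Enabled"},
    {"NotebookInstanceName": "nb-hardened", "RootAccess": "Disabled",
     "KmsKeyId": "arn:aws:kms:us-east-1:111122223333:key/EXAMPLE-KEY-ID"},
]
SAMPLE_BUCKETS = ["sagemaker-us-east-1-111122223333", "ml-data-7f3a9c"]  # constructed


def run_audit(notebooks=SAMPLE_NOTEBOOKS, buckets=SAMPLE_BUCKETS) -> dict:
    """Map each asset name to its list of findings (empty list means clean)."""
    report = {nb["NotebookInstanceName"]: audit_notebook(nb) for nb in notebooks}
    for bucket in buckets:
        report[bucket] = audit_bucket(bucket)
    return report


if __name__ == "__main__":
    for asset, issues in run_audit().items():
        print(f"{asset}: {', '.join(issues) or 'ok'}")
```

In a real account the same functions can be fed the live responses of `describe_notebook_instance` and `list_buckets`; the hardened record shows the settings the report wants to see (root access disabled, a customer-managed key set, a non-default bucket name).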