TechniquecollectionATLAS

AML.T0085Data from AI Services

What it is

Adversaries may use their access to a victim organization's AI-enabled services to collect proprietary or otherwise sensitive information. As organizations adopt generative AI in centralized services for accessing an organization's data, such as with chat agents which can access retrieval augmented generation (RAG) databases and other data sources via tools, they become increasingly valuable targets for adversaries. AI agents may be configured to have access to tools and data sources that are not directly accessible by users. Adversaries may abuse this to collect data that a regular user wouldn't be able to access directly.

References

  1. https://atlas.mitre.org/techniques/AML.T0085

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

ATLAS
LLM Data Leakage
ATLAS
AI-Enabled Product or Service
ATLAS
AI Agent Tool Data Poisoning
ATLAS
AI Agent Tool Invocation
ATLAS
Discover AI Agent Configuration
ATLAS
Exfiltration via AI Agent Tool Invocation
Sourced from MITRE ATLAS — Adversarial Threat Landscape for AI Systems. Curated by Adam Lundqvist, SQUR.