Kyle Meyer
Security Consultant with Abricto Security that specializes in network penetration testing. LLM hacker as a side hobby. Former professional basketball player and father.
Session
In the days where LLMs are beginning to explode into every web application and process, companies are adding additional attack vectors thereby increasing overall risk. According to OWASP, prompt injections as the top risk for LLMs that offer a chat feature and prompt injections can be broken down plainly into 10 distinct types. Balancing the bot’s desire to be helpful with adherence to company policy is a challenging task. Threat actors exploit this conflict, along with other inherent coding vulnerabilities, to generate malicious responses.
This presentation will give you an inside look at how the LLMs come to their conclusive answers, how we as hackers look to find manipulation techniques, and the unfortunate consequences companies will face in the future. We can create a library of example prompts to attempt malicious actions against all language models. Just like current coding vulnerabilities, there will be variation for success, but the fundamentals are the same. Combining multiple prompt injection types from the distinct 10 increases the malicious prompts likelihood of success. Utilizing skills similar to that of author or artist and a little bit of programming knowledge, anyone can be an LLM hacker.