API Vulnerabilities Found Across AI Infrastructure Projects at NVIDIA, Mercedes – Source: securityboulevard.com

Organizations are rushing to integrate AI-driven features into their operations. However, the reliance on application programming interfaces (APIs) poses significant security risks.

These were among the findings of Wallarm’s Q1 API ThreatStats report, which highlighted the quarter’s top five API breaches.

At the top is auto giant Mercedes-Benz, having suffered a major API Leak that exposed critical source code and GitHub Enterprise data, including cloud keys and internal documents.

Among the other APIs targeted were NVIDIA’s Triton Inference Server and ZenML, a platform used by major international corporations for standardizing Machine Learning Operations (MLOps) workflows.

Triton Inference Server, a critical tool for AI model deployment, encountered an API vulnerability (CVE-2023-31036) that enabled unauthorized path traversal. This could potentially lead to severe consequences like code manipulation and data tampering.

GitLab faced a deceptive Account Takeover attack (CVE-2023-7028), allowing hackers to intercept password reset codes via email and potentially gain control over entire GitLab instances.

The report highlighted the prevalence of API attacks targeting popular enterprise applications; 43% of API threats in the first quarter were linked to widely used platforms, resulting in significant breaches, and exposing millions of sensitive records.

API vulnerabilities also affect DevOps tools and development frameworks, accounting for a substantial portion of the overall vulnerability spectrum.

Attractive Targets, Lack of Security Controls

As Ivan Novikov, CEO of Wallarm explained, APIs are specifically designed to simplify data access, which also makes them attractive targets for malicious actors. “They know they now have more entry points than ever before. We shouldn’t hack them via emails or malware, we can just get data through this interface,” he said. “It was surprising to discover how many AI frameworks were vulnerable to API issues.”

Novikov pointed out that in the rush to use APIs to enhance their customer service and overall user experience, developers failed to implement sufficient security controls, data governance controls, and other controls specifically related to APIs.

“There is absolutely no AI in production without APIs,” Novikov said. “Now we have a new wave of APIs to leverage AI infrastructure that are exposed.”

The dynamic of business needs and urgency for technologies such as AI-driven APIs means that business urgency often outpaces security implementation. “It’s not just a matter of lacking products; it’s also about not having experienced security personnel,” Novikov said. “Hiring people takes three to six months, but companies need to roll out these technologies tomorrow.”

John Bambenek, president at Bambenek Consulting, agrees that access to APIs has been the weak underbelly for data theft. “Organizations need to zealously protect the keys and rotate them often as well as ingesting log data around the use of these APIs so new detections can be created,” he advised.

When the hype around new technologies reaches critical mass, organizations will adopt them regardless of the risks. “Risk mitigation for hyped technologies comes only after the house has already burned down,” Bambenek said.

Identifying Vulnerabilities, Protecting Attack Surfaces

Eric Schwake, director of cybersecurity strategy at Salt Security, said AI is rapidly increasing the pace of API creation within organizations, leading to API security becoming as significant as traditional application security.

“Advanced API security solutions that use machine learning are essential for analyzing large amounts of API traffic data and identifying potential attacks,” Schwake said. It’s crucial to consider emerging threats and implement safeguards to protect the integrity of AI models and how they impact the creation of APIs.

To adequately protect the attack surface, cybersecurity teams must first identify all public-facing APIs and determine the risks they pose. “You have to score them to identify the most reasonable targets for attackers,” Novikov said. “If you have all your user’s data sitting on one API, you probably have to secure that first.”

With AI adoption showing no signs of slowing down and APIs playing a significant role as AI rolls out, attackers are creating new targets.

Novikov pointed out companies worldwide are just beginning to adopt AI-driven technologies such as LLMs and ChatGPT. That suggest cybersecurity issues are likely to persist, if not outright worsen. “We will see an exponential expansion of the attack surface driven by AI because AI is everywhere,” he said. “You need everything to feed AI, and AI should have access to all the data, because otherwise, how would it work?”

Photo credit: Alexander Grigoryev on Unsplash