A former security architect demonstrates 15 different ways to break Copilot: “Microsoft is trying, but if we are honest here, we don’t know how to build secure AI applications”
Microsoft Copilot could be a resourceful tool for hackers if security loopholes aren’t addressed soon.
What you need to know
While at the Black Hat USA 2024 conference, former Microsoft security architect Michael Bargury showcased multiple exploits that bad actors can leverage to breach Copilot’s security guardrails and misuse its capabilities to cause harm.
Bargury demonstrated multiple ways hackers can leverage their exploits to access sensitive and intricate credentials from users using Copilot. More specifically, the security architect’s findings were centered on Microsoft 365 Copilot. For context, it’s an AI-powered experience embedded into the Microsoft 365 suite, including Word and Excel. It accesses your data for a tailored user experience and enhanced workflow.
Privacy and security are among users’ top concerns and a major obstacle to the adoption of artificial intelligence. Microsoft has security measures in place to protect the user’s data while leveraging Microsoft 365 Copilot’s capabilities. However, Bargury was able to bypass them.
In one of the demos, dubbed LOLCopilot, Bargury deployed a spear-phishing attack through the AI tool, allowing the security expert to access internal emails. Based on the information gathered from the emails, the tool can draft and send mass emails while mimicking the author’s writing style to maintain authenticity.
Perhaps more concerning is that Copilot can be tricked into accessing sensitive data from employees without raising security alerts. Hackers can use prompts that direct the chatbot to withhold references to the originating files, ultimately bypassing Microsoft’s data protection protocols, which rely on that file-level provenance to apply labels and access controls.
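The defensive counterpart to the provenance-stripping trick above is a release gate that refuses to hand back an answer grounded in retrieved files unless every file is attributed, and that flags prompts asking the assistant to hide its sources. This is an added illustration, not Bargury’s code or any Microsoft component; the `Answer` structure, its fields and the regexes are assumptions about what such a gate would see.

```python
import re
from dataclasses import dataclass

# Constructed example of a defender-side guardrail placed between an enterprise
# assistant and the user. It does two things: (1) flag prompts that ask the
# assistant to hide where retrieved content came from, and (2) withhold any
# answer that was grounded in files but carries no attribution for them.

# Hypothetical phrasings an attacker might use to suppress citations.
SUPPRESS_PATTERNS = [
    r"\b(do not|don't|never)\b.{0,40}\b(cite|reference|mention|include)\b.{0,40}\b(source|file|document|origin)",
    r"\b(omit|hide|remove|strip|drop)\b.{0,40}\b(citation|reference|source|provenance)s?\b",
]


@dataclass
class Answer:
    text: str
    retrieved_files: list  # files the retrieval step actually read (assumed field)
    citations: list        # files the model attributed in its answer (assumed field)


def prompt_asks_to_hide_sources(prompt: str) -> bool:
    """True if the prompt contains an instruction to drop source references."""
    lowered = prompt.lower()
    return any(re.search(pattern, lowered) for pattern in SUPPRESS_PATTERNS)


def missing_attribution(answer: Answer) -> list:
    """Files used as grounding but absent from the answer's citations."""
    return sorted(set(answer.retrieved_files) - set(answer.citations))


def release_decision(prompt: str, answer: Answer) -> dict:
    """Decide whether the answer may be released, with the reasons if not."""
    reasons = []
    if prompt_asks_to_hide_sources(prompt):
        reasons.append("prompt attempts to suppress source references")
    gap = missing_attribution(answer)
    if gap:
        reasons.append("answer omits attribution for: " + ", ".join(gap))
    return {"release": not reasons, "reasons": reasons}
```

Both checks are needed: the prompt check catches the instruction, and the attribution check catches the case where the model complied with it anyway.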
Per recent reports, attackers are using sophisticated ploys to lure unsuspecting users, including ploys built with AI. This makes it increasingly hard to detect threats. While speaking to Wired, Bargury indicated, “A hacker would spend days crafting the right email to get you to click on it, but they can generate hundreds of these emails in a few minutes.”
Microsoft needs to lay more security layers on its top priority
Generative AI has led to the emergence of powerful tools like ChatGPT and Microsoft Copilot, which sport sophisticated and advanced features like image and text generation. Similarly, these tools are seemingly redefining how users interact with the internet. Even a former Google engineer says the company’s biggest challenge to its dominance in search is OpenAI’s temporary prototype search tool, SearchGPT.
Earlier this year, Microsoft highlighted its plans to halt shipping new experiences to Copilot. The company further indicated that it would use this opportunity to refine and improve existing experiences based on feedback.
Over the past few months, we’ve seen Microsoft shift its focus toward security and make it its top priority. As highlighted by Microsoft CEO Satya Nadella during the company’s earnings report for FY24 Q3, “Security underpins every layer of the tech stack, and it’s our No. 1 priority.”
Microsoft has faced backlash for its cascade of security failures, including its AI-powered Windows Recall feature, which it was forced to recall before it shipped exclusively to Copilot+ PCs.
Despite making security a team effort at the company and tying a section of top executives’ compensation packages to their security deliverables, more security flaws abound.
Kevin Okemwa is a seasoned tech journalist based in Nairobi, Kenya with lots of experience covering the latest trends and developments in the industry at Windows Central. With a passion for innovation and a keen eye for detail, he has written for leading publications such as OnMSFT, MakeUseOf, and Windows Report, providing insightful analysis and breaking news on everything revolving around the Microsoft ecosystem. You’ll also catch him occasionally contributing at iMore about Apple and AI. While AFK and not busy following the ever-emerging trends in tech, you can find him exploring the world or listening to music.