Security researcher Michael Bargury revealed serious flaws in Microsoft Copilot during the recent Black Hat USA conference, demonstrating how hackers might be able to use this AI-powered tool for malicious purposes. This revelation highlights the urgent need for organisations to rethink their security procedures when implementing AI technology such as Microsoft Copilot.
Bargury's presentation highlighted numerous ways in which hackers could use Microsoft Copilot to carry out cyberattacks. One of the most significant findings was the use of Copilot plugins to install backdoors in other users' interactions, allowing data theft and AI-driven social engineering attacks.
Hackers can use Copilot's capabilities to discreetly search for and retrieve sensitive data, bypassing standard security measures that focus on file and data protection. This is accomplished via modifying Copilot's behaviour using prompt injections, which alter the AI's responses to fit the hacker's goals.
One of the most concerning parts of this issue is its ability to enable AI-powered social engineering attacks. Hackers can utilise Copilot to generate convincing phishing emails or change discussions to trick victims into disclosing sensitive information. This capability emphasises the importance of robust safety protocols in combating cybercriminals' sophisticated techniques.
To demonstrate these flaws, Bargury created a red-teaming program called "LOLCopilot." This tool allows ethical hackers to simulate attacks and better understand the possible vulnerabilities posed by Copilot. LOLCopilot runs on any Microsoft 365 Copilot-enabled tenant with default configurations, allowing ethical hackers to investigate how Copilot might be abused for data exfiltration and phishing attacks while leaving no traces in system logs.
The demonstration at Black Hat showed that Microsoft Copilot's default security settings are insufficient to avoid such vulnerabilities. The tool's ability to access and handle enormous amounts of data carries significant risk, especially if permissions are not properly updated. To mitigate these threats, organisations should establish robust security policies such as frequent security assessments, multi-factor authentication, and strict role-based access limits.
Furthermore, organisations must educate their staff on the risks associated with AI tools such as Copilot and have extensive incident response policies. Companies can better protect themselves from the misuse of AI technologies by strengthening security procedures and developing a safety-conscious culture.