- Tactics
- Resource Development
- Maturity
- demonstrated
- Reference
- atlas.mitre.org/techniques/AML.T0066
Description
Adversaries may write content designed to be retrieved by user queries and influence a user of the system in some way. This abuses the trust the user has in the system.
The crafted content can be combined with a prompt injection. It can also stand alone in a separate document or email. The adversary must get the crafted content into the victim\u0027s database, such as a vector database used in a retrieval augmented generation (RAG) system. This may be accomplished via cyber access, or by abusing the ingestion mechanisms common in RAG systems (see RAG Poisoning).
Large language models may be used as an assistant to aid an adversary in crafting content.
How GTK Cyber trains on this
GTK Cyber's hands-on AI security courses cover adversarial-AI techniques across the MITRE ATLAS framework, including the Resource Development tactic this technique falls under. Our practitioner-led training is taught by Charles Givre and other field-tested SMEs and focuses on real adversarial scenarios, not slide decks.
Related techniques
- AML.T0002 — Acquire Public AI Artifacts
- AML.T0008 — Acquire Infrastructure
- AML.T0016 — Obtain Capabilities
- AML.T0017 — Develop Capabilities
- AML.T0019 — Publish Poisoned Datasets
- AML.T0020 — Poison Training Data
- AML.T0021 — Establish Accounts
- AML.T0058 — Publish Poisoned Models
- AML.T0060 — Publish Hallucinated Entities
- AML.T0065 — LLM Prompt Crafting
- AML.T0079 — Stage Capabilities
- AML.T0104 — Publish Poisoned AI Agent Tool