- Tactics: Execution
- Maturity: realized
- Reference: atlas.mitre.org/techniques/AML.T0103
Description
Adversaries may launch AI agents in the victim’s environment to execute actions on their behalf. AI agents may have access to a wide range of tools and data sources, as well as permissions to access and interact with other services and systems in the victim’s environment. The adversary may leverage these capabilities to carry out their operations.
Adversaries may configure the AI agent by providing an initial system prompt and granting it access to tools, effectively defining the goals the agent is to achieve. They may deploy the agent with excessive trust permissions and disable user interaction so that the agent’s actions aren’t blocked.
Launching an AI agent may provide some autonomous behavior, allowing the agent to make decisions and determine how to achieve the adversary’s goals. This also represents a loss of control for the adversary.
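For defenders, the launch pattern described above (an agent started with approval prompts disabled and no user present) can be triaged from process-creation telemetry. The following is an added example, not part of the ATLAS entry or GTK Cyber's material. It assumes a hypothetical event schema (`host`, `parent`, `tty`, `cmdline`), POSIX-style command lines, and an illustrative flag list that must be maintained for the agent CLIs actually installed.

```python
import os
import shlex

# Approval-bypass switches documented by three agent CLIs. The list is an
# assumption about what is installed; extend it for the agents in your estate.
BYPASS_FLAGS = {
    "claude": {"--dangerously-skip-permissions"},
    "codex": {"--dangerously-bypass-approvals-and-sandbox"},
    "gemini": {"--yolo"},
}
INTERACTIVE_PARENTS = {"bash", "zsh", "fish", "sh"}


def score_launch(event):
    """Return (score, reasons) for one process-creation event, or None if not an agent."""
    argv = shlex.split(event["cmdline"])
    if not argv or os.path.basename(argv[0]).lower() not in BYPASS_FLAGS:
        return None
    agent = os.path.basename(argv[0]).lower()
    reasons = []
    # Accept both "--flag" and "--flag=value" spellings.
    used = {a.split("=", 1)[0] for a in argv[1:]} & BYPASS_FLAGS[agent]
    if used:
        reasons.append("approval prompts disabled: " + ", ".join(sorted(used)))
    if not event.get("tty"):
        reasons.append("no controlling terminal (headless launch)")
    if os.path.basename(event.get("parent", "")).lower() not in INTERACTIVE_PARENTS:
        reasons.append("parent is not an interactive shell: " + event.get("parent", "?"))
    return len(reasons), reasons


def triage(events, threshold=2):
    """Return (score, host, reasons) for events at or above threshold, highest first."""
    hits = []
    for ev in events:
        result = score_launch(ev)
        if result and result[0] >= threshold:
            hits.append((result[0], ev["host"], result[1]))
    return sorted(hits, key=lambda h: -h[0])


# Constructed sample events, not real telemetry.
SAMPLE = [
    {"host": "dev-01", "parent": "/usr/bin/zsh", "tty": "pts/3", "cmdline": "claude"},
    {"host": "web-07", "parent": "/usr/sbin/cron", "tty": None,
     "cmdline": "/opt/tools/claude --dangerously-skip-permissions"},
    {"host": "ci-02", "parent": "/usr/bin/bash", "tty": None, "cmdline": "gemini --yolo"},
    {"host": "db-03", "parent": "/usr/bin/bash", "tty": "pts/0", "cmdline": "psql -h db"},
]
```

`triage(SAMPLE)` ranks the cron-spawned launch on `web-07` first. A legitimate CI job such as the one on `ci-02` will also surface, so pair the score with an allowlist of expected hosts and service accounts.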
How GTK Cyber trains on this
GTK Cyber's hands-on AI security courses cover adversarial-AI techniques across the MITRE ATLAS framework, including the Execution tactic this technique falls under. Our practitioner-led training is taught by Charles Givre and other field-tested SMEs and focuses on real adversarial scenarios, not slide decks.