Cybersecurity In-Depth: Getting answers to questions about IT security threats and best practices from trusted cybersecurity professionals and industry experts.

News Desk 2024: Hacking Microsoft Copilot Is Scary Easy

As enterprises in the world embrace Microsoft's AI assistant, researcher Michael Bargury warns its security is lacking. Check out his News Desk interview during Black Hat USA.

Source: Dark Reading

Microsoft Copilot is rapidly becoming the go-to artificial intelligence productivity assistant across some of the largest enterprises in the world, but researcher Michael Bargury, chief technology officer with Zenity, warns the new technology poses some distinct cybersecurity concerns.

Bargury isn't down on Copilot, quite the contrary. He's found the technology invaluable in his own day-to-day work, he explained to Dark Reading. But based on Copilot's visibility deep into the enterprise, including emails, messaging applications, and much more — which is precisely what makes it so valuable for users — also makes it an alluring target for malicious actors.

"It has access to your emails, your calendar, your Teams messages, all of your files, and if you bring in plug-ins it can actually work on your behalf," Bargury explained. "It has access to everything you have access to, even the things you write to yourself."

Through his research, Bargury was able to demonstrate how to take over Microsoft Copilot by sending a single email. "I can get Copilot to tell you whatever I want it to tell you," he added.

About the Author

Becky Bracken, Senior Editor, Dark Reading

Dark Reading

Becky Bracken is a veteran multimedia journalist covering cybersecurity for Dark Reading.

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like


More Insights