Cybersecurity In-Depth: Getting answers to questions about IT security threats and best practices from trusted cybersecurity professionals and industry experts.
News Desk 2024: Hacking Microsoft Copilot Is Scary Easy
As enterprises in the world embrace Microsoft's AI assistant, researcher Michael Bargury warns its security is lacking. Check out his News Desk interview during Black Hat USA.
August 26, 2024
Microsoft Copilot is rapidly becoming the go-to artificial intelligence productivity assistant across some of the largest enterprises in the world, but researcher Michael Bargury, chief technology officer with Zenity, warns the new technology poses some distinct cybersecurity concerns.
Bargury isn't down on Copilot, quite the contrary. He's found the technology invaluable in his own day-to-day work, he explained to Dark Reading. But based on Copilot's visibility deep into the enterprise, including emails, messaging applications, and much more — which is precisely what makes it so valuable for users — also makes it an alluring target for malicious actors.
"It has access to your emails, your calendar, your Teams messages, all of your files, and if you bring in plug-ins it can actually work on your behalf," Bargury explained. "It has access to everything you have access to, even the things you write to yourself."
Through his research, Bargury was able to demonstrate how to take over Microsoft Copilot by sending a single email. "I can get Copilot to tell you whatever I want it to tell you," he added.
About the Author
You May Also Like