A massive analysis of one million artificial intelligence services reveals a worrying reality: the majority lack basic security measures. The investigation detected that AI systems expose sensitive data and models to attacks due to a lack of authentication, encryption, and basic configurations, leaving the doors open to any intruder.
Technical failures: APIs and databases without locks 🔓
The study found that many administrative interfaces operate without a password or with default credentials, facilitating unauthorized access. Incorrect configurations in databases and APIs are a common weak point, allowing information leaks. These errors, avoidable with standard protocols like OAuth or TLS, turn systems into easy targets for extracting data or manipulating models.
The digital lock nobody wanted to install 🔐
It seems that security in AI is like that IKEA furniture you buy and never assemble: everyone knows it needs to be done, but nobody bothers. Developers left the doors wide open, as if expecting visitors. At least, if someone steals your data, they should know it was delivered with love and without any protection.