At the AI Expo hosted by DIGITIMES, Trend Micro's general manager for Taiwan and Hong Kong, Bob Hung, has identified prompt injection as a growing cybersecurity risk associated with large language models (LLMs). He also warned that users are increasingly manipulating AI through sentimental narratives and role-playing techniques, such as the "grandma prompt," to bypass content restrictions and generate prohibited material.
Speaking on the evolving AI threat landscape, Hung noted that the cybersecurity industry has been integrating AI for years, with Trend Micro using AI to combat spam since 2005. Today, AI-driven security solutions are essential for countering AI-generated threats, a standard practice in the industry.
AI-related risks fall into three primary categories—generating malicious software and phishing emails, training models for harmful purposes, and creating deepfakes to spread misinformation. Within these threats, LLMs present two major security challenges—data security and model security.
AI models require vast amounts of training data, which can be exploited through malicious inputs. This exposure increases the risk of data breaches, misinformation, and the inadvertent disclosure of sensitive information. If attackers manipulate training data, AI outputs may become unreliable or even dangerous.
Model security is particularly vulnerable to prompt injection attacks, where adversaries use cleverly crafted instructions to bypass built-in safety mechanisms. These attacks employ techniques such as persuasive wording, reverse psychology, and misleading prompts to manipulate AI responses.
The "grandma prompt" exemplifies how attackers can trick LLMs into generating restricted content. While an AI model will reject a direct request for bomb-making instructions, it may respond if framed as part of an emotional narrative. For instance, a user could claim their deceased grandmother was a World War II bomb expert and request details for a memoir, potentially leading the AI to provide sensitive information.
To mitigate such risks, Hung emphasized the need for a multi-layered security approach that protects AI models, data sources, and user interactions. Strengthening AI safeguards requires securing data, reinforcing model integrity, monitoring proxies, and enhancing application-level protections. A unified cybersecurity management platform with advanced threat detection and relational analysis can help organizations improve risk visibility and counter AI-driven attacks.
As AI adoption accelerates across industries, Trend Micro continues to refine its cybersecurity solutions to address emerging threats. Hung stressed that while AI enhances security capabilities, it also introduces new vulnerabilities that must be proactively managed to prevent exploitation.
Article edited by Charlene Chen
