Why Model Poisoning Requires A New Approach To AI Security
By Kumar Mehta, Forbes Councils Member, for Forbes Technology Council

COUNCIL POST: Expertise from Forbes Councils members, operated under license. Opinions expressed are those of the author.

May 12, 2026, 06:15am EDT

Kumar Mehta, Founder and Chief Development Officer, Versa.

As enterprises rapidly embed large language models (LLMs) into products, workflows and customer-facing systems, a new category of risk is emerging. Attackers are now trying to corrupt enterprise models, degrade their behavior and steer them toward dangerous or misleading outputs. This is called model poisoning.

Traditional attacks try to break into systems. Model poisoning changes how systems behave after they are trusted. A compromised model does not trigger the same alarms as a breach. It continues operating normally while introducing risk into decisions and customer interactions.

The understanding of the risk has evolved over the last few years, starting with researchers at Mithril Security demonstrating "PoisonGPT" in 2023, a surgically modified open-source model that passed standard benchmarks while spreading targeted disinformation. Then, in early 2024, researchers at JFrog identified roughly 100 models on Hugging Face carrying malicious code capable of executing arbitrary commands. Anthropic's "Sleeper Agents" research similarly showed that backdoors trained into a model can survive safety-tuning procedures.

These are early warning signs of what could happen when models enter the enterprise through a supply chain the enterprise does not fully control.

The Attack That Alters Behavior, Not Access

Many security programs focus on who can access a model endpoint, but that is only part of the problem when it comes to model poisoning attacks. If the model's behavior can be manipulated, whether through poisoned training data, compromised fine-tunes, tampered embeddings or malicious "updates" in the model supply chain, th...
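One defender-side check for the supply-chain route the article describes (model files that carry executable code, as in the Hugging Face finding), written as an added example that is not from the article or any vendor it names: it pins the artifact's SHA-256 and walks a pickle-based checkpoint's opcode stream without executing it, flagging imports outside an allowlist. The allowlist entries, the pinned digest and the sample artifacts are constructed assumptions for illustration.

```python
"""Pre-load vetting of a pickle-based model artifact (added example, not from the
article or any vendor it names). pickletools.genops parses without executing."""
import hashlib
import pickle
import pickletools
from collections import OrderedDict

# Assumed allowlist: imports a plain PyTorch state_dict checkpoint needs.
ALLOWED_GLOBALS = {
    ("collections", "OrderedDict"),
    ("torch._utils", "_rebuild_tensor_v2"),
    ("torch", "FloatStorage"),
}

def scan_pickle(data: bytes) -> list[str]:
    """Return 'module.name' for every import that is not allowlisted."""
    strings, memo, findings = [], {}, []   # strings: pushed str values only
    for op, arg, _pos in pickletools.genops(data):
        if op.name in ("SHORT_BINUNICODE", "BINUNICODE", "BINUNICODE8", "UNICODE"):
            strings.append(arg)
        elif op.name in ("MEMOIZE", "BINPUT", "LONG_BINPUT", "PUT"):
            memo[len(memo) if arg is None else arg] = strings[-1] if strings else None
        elif op.name in ("BINGET", "LONG_BINGET", "GET"):
            strings.append(memo.get(arg))      # memoised module/name string reused
        elif op.name == "GLOBAL":              # protocol <= 3: arg is "module name"
            module, name = arg.split(" ", 1)
            if (module, name) not in ALLOWED_GLOBALS:
                findings.append(f"{module}.{name}")
        elif op.name == "STACK_GLOBAL":        # protocol >= 4: module, name on stack
            name = strings.pop() if strings else "?"
            module = strings.pop() if strings else "?"
            if (module, name) not in ALLOWED_GLOBALS:
                findings.append(f"{module}.{name}")
    return findings

def vet_artifact(data: bytes, pinned_sha256: str) -> tuple[bool, list[str]]:
    """Accept only when the digest matches the pin and no unexpected import appears."""
    findings = scan_pickle(data)
    return hashlib.sha256(data).hexdigest() == pinned_sha256 and not findings, findings

class _Stub:  # constructed stand-in for a payload whose __reduce__ runs code on load
    def __reduce__(self):
        return (print, ("poisoned",))  # print() keeps the sample harmless if unpickled

BENIGN = pickle.dumps(OrderedDict(weight=[0.1, 0.2]), protocol=4)  # constructed
BENIGN_PIN = hashlib.sha256(BENIGN).hexdigest()                      # constructed pin
POISONED = pickle.dumps(_Stub(), protocol=4)                        # constructed
POISONED_V3 = pickle.dumps(_Stub(), protocol=3)                     # GLOBAL opcode path
```

The scan reports `builtins.print` for the constructed sample without ever unpickling it; a real checkpoint's allowlist is built from a known-good artifact and the pin comes from the publisher's signed manifest, not from the downloaded file itself.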