- Gartner warns organizations to block AI browsers
- AI browsers can blackmail data, leak financial information, and hand over credentials
- Employees can complete cybersecurity training using AI browsers
Analyst firm Gartner advised organizations to block the use of AI browsers, warning of the potential for data leaks and autonomous actions performed by agent browsers on malicious websites.
The main observation from Research VP Dennis Xu, Senior Director Analyst Evgeny Mirolyubov, and VP Analyst John Watts was that “default AI browser settings prioritize user experience over security.”
AI browsers, such as OpenAI's ChatGPT Atlas, are often used to increase efficiency using autonomous navigation, workflows, and data collection, but they can be fooled by malicious web pages to collect and transfer sensitive information such as bank account details, credentials, and emails.
“I’m glad I was able to hack it 🙂”
Gartner analysts summarize that the agent browser includes two key features.
- Ability to interact with web content using developer AI models. It provides features such as content summarization, data collection, translation, and search functionality.
- The ability to autonomously complete tasks on a website, especially within an authenticated session.
Many agent browsers do not allow the use of AI features within local LLM. This means that user data, from web content to browsing history to open tabs, is “often sent to cloud-based AI backends, increasing the risk of data breaches unless security and privacy settings are intentionally hardened and centrally managed.”
Ultimately, it will be each organization's responsibility to perform an evaluation of their AI browser backend services to ensure compliance with their organization's cybersecurity and data protection policies. But even if passed, it could be used in ways that pose additional risks to organizations.
In this case, the user could be providing an unnecessary amount of sensitive information to the browser simply by opening sensitive data in the same web browser window while using the browser's AI assistant.
Additionally, because agent browsers can complete actions autonomously, Gartner warns that employees may be “tempted to use AI browsers to automate certain tasks that are essential, repetitive, and of limited interest, such as cybersecurity training.”
Gartner suggests that organizations that continue to use Agent Browser should “educate users that while using the AI Browser sidebar to perform summaries or other autonomous actions, anything they view may be sent to the AI service backend to ensure that sensitive data is not active on the browser tab.”
Javad Malik, Lead Security Awareness Advocate at KnowBe4, commented on Gartner's recommendations:
“AI capabilities bring tension to cybersecurity and people need to evaluate trade-offs between productivity and security risks. Agent browsers promise many features that improve the user experience, but we are still in the early stages, the risks are not well understood, and default settings prioritize convenience over security, as we see with many technologies.”
“However, blanket bans are rarely a sustainable strategy in the long term. Instead, we should focus on risk assessments that evaluate the specific AI services powering these browsers. This will allow for careful deployment while maintaining the necessary oversight. We know that more and more AI agents are making their way into every aspect of technology, so organizations should assess and protect them and There needs to be a playbook in place that allows agents to function within the organization according to their unique needs and risk appetite.”
via register
The perfect business laptop for every budget
