Exfiltration

Type: tactic

Description: The adversary is trying to steal data or other information from your genai system.

Version: 0.1.0

Created At: 2024-10-11 16:54:32 +0300

Last Modified At: 2024-10-11 16:54:32 +0300

Tactic Order: 13

External References

Related Objects

• <-- Granular Clickable Link Rendering (technique): An adversary can exfiltrate data by asking questions about it and using the answers to choose which URL will be rendered to the user.
• <-- Granular Web Request Triggering (technique): An adversary can exfiltrate data by asking questions about it and using the answers to choose which URL will be visited.
• <-- Web Request Triggering (technique): An adversary can exfiltrate data by embedding it in a URI and triggering the AI system to query it via its browsing capabilities.
• <-- Clickable Link Rendering (technique): An adversary can exfiltrate data by embedding it in the parameters of a URL, and getting AI to render it as a clickable link to the user, which clicks it.
• <-- Write Tool Invocation (technique): An adversary can exfiltrate data by encoding it into the input of an invocable tool capable performing a write operation.
• <-- Image Rendering (technique): An adversary can exfiltrate data by embedding it in the query parameters of an image, and getting AI to render it.

Related Frameworks

• MITRE ATLAS - AML.TA0009
• MITRE ATT&CK - TA0009