Wiz uncovers security flaws at AI-as-a-Service platform Hugging Face
Wiz uncovers security flaws at AI-as-a-Service platform Hugging Face
“Our research with Hugging Face carries much broader takeaways for the industry, because these security issues could affect any AI-as-a-service provider. It's an important reminder that amid the AI boom, we must enforce mature regulation and security practices,” said Shir Tamari, Head of Research at Wiz
The research team at cybersecurity decacorn Wiz revealed on Thursday that it found two critical risks present in Hugging Face’s environment that they could have taken advantage of. Hugging Face, that develops and maintains natural language processing (NLP) models and tools and works with the likes of Meta, Microsoft and Google, were found to have vulnerabilities that could have allowed attackers to access millions of private AI models and apps stored within systems.
According to Wiz, they uncovered a shared inference infrastructure takeover risk and a shared CI/CD takeover risk. AI Inference is the process of using an already-trained model to generate predictions for a given input. Wiz found that inference infrastructure often runs untrusted, potentially malicious models. In addition, compiling malicious AI applications also represents a major risk as attackers may attempt to takeover the CI/CD pipeline itself and perform a supply chain attack.
“Our research with Hugging Face carries much broader takeaways for the industry, because these security issues could affect any AI-as-a-service provider. It's an important reminder that amid the AI boom, we must enforce mature regulation and security practices,” said Shir Tamari, Head of Research at Wiz. “Wiz recommends that providers who run users' AI models in a shared environment assess their environment for similar issues and address them through isolation and segmentation. Isolation is the key: without it, a potential threat actor could upload a malicious model to the service, run arbitrary code, and perform lateral movement to access sensitive information of other customers or the service itself.”
Hugging Face has recently implemented Wiz CSPM and Vulnerability scanning to proactively identify and mitigate some of the identified risks discovered. In addition, Hugging Face is also currently going through its annual penetration test to ensure identified items have been sufficiently mitigated.