Palo Alto Networks Unit 42 has developed a proof-of-concept system called Zealot to test whether AI can autonomously hack cloud environments, SecurityWeek reported on April 23.
According to the report, the Unit 42 team tested Zealot in an isolated Google Cloud Platform environment seeded with intentional vulnerabilities. Without providing specific attack methods, they only gave the AI the goal of extracting sensitive data from BigQuery.
Zealot was built with a structure in which a supervisor agent centrally delegates tasks to 3 specialised sub-agents. Each sub-agent handles infrastructure reconnaissance and network mapping, web application attacks and credential extraction, and cloud security operations, respectively. Rather than following prewritten procedures, it dynamically adjusts its strategy based on information each agent discovers.
Without instructions, Zealot scanned the network on its own and found connected virtual machines. It identified a web application vulnerability and stole credentials, and when it encountered access barriers it granted itself additional privileges and succeeded in extracting the target data.
The most notable finding was that Zealot did not merely follow instructions but acted spontaneously, SecurityWeek said.
After taking over a virtual machine, Zealot planted its own private SSH key to secure a persistent access path. That action was not part of the original mission. The research team described it as ’emergent intelligence’ in which the AI created a new attack strategy on its own.
However, Zealot sometimes fixated on irrelevant goals and fell into unproductive loops, requiring human intervention, SecurityWeek said.
The team said existing detection systems built on human attacker behaviour patterns make it difficult to detect AI-driven intrusions that move far faster and leave different digital traces. It recommended cloud privilege audits, restricting access to metadata services and adopting AI-based defence systems.
Click Here For The Original Source.
