Hackers can get top secret company information by 'confiding' with AI chatbot

Artificial intelligence (AI) offers many benefits, and is now being integrated by many businesses to serve end users such as company employees and customers. However, this integration can also create vulnerabilities that allow hackers to attack and steal information from data storage systems.

"Currently, there are many methods of attacking AI models, the most common being 'content poisoning,' a type of attack that seems 'invisible' to traditional information protection systems," warned Mr. Dao Viet Hung, Country Director of Akamai Technologies Vietnam, at the OpenInfra & Cloud Native Day Vietnam 2025 event held on July 26 in Hanoi .

The event was organized by the Vietnam Internet Association (VIA) in collaboration with the Vietnam Open Infrastructure Community (VietOpenInfra), the Vietnam Cloud Computing and Data Center Club (VNCDC), with the support of the Ministry of Science and Technology .

90% of businesses are using open-source platforms or software.

In his opening remarks, Mr. Vu The Binh, Vice President and General Secretary of the Vietnam Internet Association, emphasized the importance of open infrastructure and open source in the national digital transformation process.

In the context of rapidly changing global technology, Mr. Binh stated that open infrastructure continues to develop as a foundation for innovation, with over 90% of businesses using open platforms or software in various forms.

According to a Red Hat survey (2024), 82% of tech leaders view open platforms and software as key to driving digital transformation and accelerating innovation. Platforms such as Kubernetes, OpenStack, Linux, Ceph, and OpenTelemetry are increasingly playing a crucial role in the operation of AI, IoT, 5G/6G, and Cloud Native systems.

"Ten years ago, the cloud might have been mistaken for a cloud in the sky, and open source might have sounded like a 'secret martial arts technique.' But today, we are here, connecting with the global Open Infrastructure community in over 180 countries, working together to transform lines of code into a driving force for innovation," shared Mr. Vu The Binh.

AI chatbots – a "narrow window" for hackers to infiltrate systems.

"Currently, many businesses are strongly applying the benefits of open, responsive platforms with integrated systems like AI chatbots to improve work efficiency and enhance user experience."

It is from this point that many attack methods targeting AI models emerge, including "content poisoning" attacks, warned Dao Viet Hung, country director of Akamai Technologies Vietnam.

He noted that Vietnamese businesses, when deploying AI, still lack sufficient knowledge about this type of attack.

Accordingly, malicious actors use the method of repeatedly asking and re-teaching AI models false information, causing information "poisoning."

If the information on the cloud system has been "infected" but remains undetected and continues to be used, it will provide inaccurate information or exploit this vulnerability to access the database for the purpose of stealing information.

Mr. Dao Viet Hung cited unusual stories, such as when an online sales chatbot system of an automobile company was persuaded to sell a new car for just $1.

The reason is that during the exchange and negotiation process with the chatbot, this customer managed to "bypass" the database and persuade the chatbot to agree to the request.

Another example shows a hacker successfully obtaining all confidential documents and organizational charts of a company simply by crafting suitable questions and sending them to an internal AI chatbot.

Based on that risk, Mr. Dao Viet Hung shared an AI security solution where AI protects AI, a method used by many large businesses worldwide .

With this security method, the stored data incorporates multiple layers of protection, making it difficult to be "infected".

AI security systems can detect which information is clean and which information poses a potential attack risk, and then take quick and appropriate action...