A significant finding of the report revealed that approximately 17 percent of participants managed to deceive the GenAI bot at all levels, emphasizing the potential risk to organizations that employ these bots. John Blythe, director of cyber psychology at Immersive Labs, mentioned that the public was invited to a challenge where they were tasked with tricking the bot into disclosing the password. The challenge comprised 10 stages of increasing difficulty, allowing participants to employ their creativity to achieve their goal without any specific instructions. The report’s results indicate that individuals without expertise in cybersecurity or prompt injection attacks can harness their creativity to outsmart bots.
This suggests that the barrier to exploiting GenAI using prompt injection attacks may be lower than anticipated. Blythe expressed the belief that people have a natural inclination for social engineering, utilizing similar techniques found in phishing emails to deceive others, which extends to their interaction with bots. This underscores the tendency for people to engage with bots in a manner akin to how they interact with other individuals.