The explosion of generative AI is triggering a new wave of innovation for organizations. Rob Futrick, EVP of engineering at Anaconda, shares why those looking to benefit from the tech must ensure their OSS supply chain is secure.
The explosion of generative AI over the last year is triggering a new wave of innovation for many organizations. Still, before benefiting from the technology, many must contend with lagging open-source software (OSS) security standards. As organizations race to implement generative AI into their products and workstreams, most will run squarely into potential open-source software security risks if they are not prepared. To avoid another Log4j moment, we must take action.
The good news is that taking advantage of the power of OSS in a secure, scalable way is possible. In this piece, we’ll examine the current state of OSS security, the new threats surrounding AI and LLMs (large language models) that technology leaders should know, and practical ways to secure your open-source supply chain.
The Current State of OSS Security
Found in 67.5% of data and IT pros’ workflows, OSS technologies are foundational to business operations. However, businesses don’t feel equipped to address associated OSS security concerns. Only 18% of IT administrators feel very confident in their abilities to identify and remediate OSS vulnerabilities, according to Anaconda’s State of Data Science report.
Today, many open-source security checks are done manually. With more than 70 new common vulnerabilities and exposures (CVEs) announced every day, managing these vulnerabilities can quickly become a full-time job. The pace of change in OSS is constant, which makes it difficult for security teams to balance pressing business needs and user demands for these tools with the safety and security of the organization. Feeling outpaced yet pressured to accelerate AI adoption, organizations could soon find themselves with brand new data management risks.
Securing OSS is no easy feat; nearly two years after the Log4j incident, cybercriminals are still finding ways to exploit the Log4Shell vulnerability. Fortunately, more comprehensive industry frameworks can help manage OSS and the broader software supply chain. Proposals like the Securing Open Source Software Act and ongoing guidance from agencies like the National Institute of Standards and Technology (NIST) offer actionable steps for setting up an OSS governance program.
AI Usage is Advancing OSS Risks
While generative AI tools are incredibly powerful, their rise has drawn increased attacks targeting the open-source large language models (LLMs) that these tools are built on. Most organizations don’t see sufficient ROI in creating and maintaining new, proprietary foundational models. Instead, many prefer to integrate open-source LLMs into their business applications and workflows. The growth in open-source LLM adoption makes them tempting targets for would-be cybercriminals.
One technique seeing success is prompt injection, in which hackers use a series of prompts that the model can’t decipher in order to manipulate an LLM’s output. There’s also the potential for an LLM’s restrictions to be bypassed. This means that should a successful prompt injection bypass the restrictions of a public model, businesses that use that model within their stack are inadvertently at risk.
Other techniques targeting open-source software are also on the rise. For example, a recent typosquatting and starjacking attack targeting a popular open-source Python package used in data analysis and AI demonstrates how these threats can be challenging to spot and quickly proliferate. With the introduction of generative AI, cybercriminals can rapidly scale the sophistication of their attacks and create more traps for organizations of all sizes to fall victim to.
Despite these risks, AI usage is only expected to rise, which means open-source software adoption will increase, too. To manage these risks effectively while supporting internal innovation, security teams will have to work diligently to vet the tools used by their teams and create guardrails of trust for others to work within.
Persistent Techniques Targeting OSS
A deeper understanding of attacks targeting the software supply chain puts businesses in a better position to mitigate these threats in the future. IT and security teams must know the risks to their OSS environments, especially as cybercriminals continue utilizing AI to advance their methods.
So, what are some common attack techniques the OSS industry is facing?
Typosquatting is a social engineering attack in which bad actors create fake websites with URLs that use common misspellings of legitimate web addresses. The goal is to lure victims into inputting personal information or downloading malicious packages. The same technique is used in the software community to impersonate popular packages and trick users into installing malicious code.
Dependency confusion, a vulnerability that replaces software packages with malicious ones, takes advantage of developer reliance on third-party libraries and dependencies. Hackers insert malware or malicious code into popular repositories that, once installed, enable them to steal sensitive information and even gain access to critical systems.
Author compromise is a technique where attackers pose as legitimate package authors to spread malicious activity. Hackers create fake profiles on developer collaboration platforms to deceive victims, gain sensitive information, or get users to download malicious “bug fixes.”
Techniques like typosquatting, dependency confusion, and author compromise threaten the OSS landscape because they turn community collaboration itself into an attack vector.
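As an added illustration of how a team might screen package requests for the typosquatting and dependency confusion patterns described above (example code written for this article, not Anaconda's tooling), the check below flags requested names that sit within a small edit distance of a trusted package, and internal-namespace names that would be resolved from a public index. The trusted list, the `acme-` internal prefix, and the treatment of `pypi.org` as the public index are all constructed assumptions.

```python
"""Pre-install screening for a list of requested package names.

Flags two techniques: typosquatting (a name within a small edit distance of a
trusted package that is not itself trusted) and dependency confusion (an
internal-namespace name that would be fetched from a public index).
The allow-list, internal prefix and index URL handling are constructed examples.
"""
import re


def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance; used to find near-misses of trusted names."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def normalize(name: str) -> str:
    """PEP 503 normalisation: case-insensitive; '-', '_' and '.' are equivalent."""
    return re.sub(r"[-_.]+", "-", name).lower()


TRUSTED = {"numpy", "pandas", "requests", "scikit-learn"}   # constructed allow-list
INTERNAL_PREFIX = "acme-"                                   # constructed internal namespace


def check_requests(requested: list[str], index_url: str) -> dict[str, list[str]]:
    """Classify each requested name as trusted, a typosquat candidate,
    a dependency-confusion risk, or unknown (needs manual vetting)."""
    findings: dict[str, list[str]] = {"trusted": [], "typosquat": [], "confusion": [], "unknown": []}
    public_index = "pypi.org" in index_url   # assumption: pypi.org is the public index
    for raw in requested:
        name = normalize(raw)
        if name in TRUSTED:
            findings["trusted"].append(name)
        elif name.startswith(INTERNAL_PREFIX) and public_index:
            findings["confusion"].append(name)   # internal name served by a public index
        elif any(0 < edit_distance(name, t) <= 2 for t in TRUSTED):
            findings["typosquat"].append(name)   # close to a trusted name, but not on the list
        else:
            findings["unknown"].append(name)
    return findings
```

Anything landing in `typosquat`, `confusion` or `unknown` is held for review rather than installed; the edit-distance threshold of 2 is a starting point to tune against your own allow-list.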
Securing the Software Supply Chain
As access to emerging technologies like AI grows, we will see the security landscape transform. A foundation of knowledge will help IT and security teams take actionable steps to remain secure against new and novel threats.
Key competencies for building a successful OSS security strategy include:
- Identifying a trusted source for open-source packages: These are developed directly by the author and hosted on a secure infrastructure. Dependency confusion and author compromise attacks highlight the vast risks that can come with package downloads. Having a trusted source minimizes the risk of downloading malicious packages.
- Selecting a vendor with a verifiable software bill of materials (SBOM): SBOMs list the components of a software application. An SBOM contains insights into various areas, including libraries, code packages, patch status, and dependencies. SBOMs can also reduce the internal burden of managing OSS.
- Developing a regular update cadence: Like any other technology, OSS needs to be well maintained. Organizations must establish a consistent maintenance routine to reduce the risks of using an outdated version. Organizations can leverage SBOMs to see when a component needs to be updated easily.
- Selecting a platform that offers common vulnerabilities and exposures (CVEs) curation: Scanning packages for CVEs is a necessary step in OSS security, but it’s not enough. Businesses need a platform that offers access to CVE curation experts to increase accuracy and ensure environments are as secure as possible.
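To show how an SBOM ties the update cadence and CVE curation points above together in practice, here is an added example (written for this article, not any vendor's product) that reads a minimal CycloneDX-style SBOM and matches each component against an advisory list. The SBOM document, the advisory entries and their `ADV-` identifiers are constructed placeholders; the version ranges are illustrative and not taken from real CVE data.

```python
"""Match SBOM components against vulnerability advisories.

The SBOM is a minimal CycloneDX-style JSON document and the advisory list is
constructed for illustration; the ADV-* identifiers and version ranges are
placeholders, not real CVE data.
"""
import json

SBOM_JSON = """{
  "bomFormat": "CycloneDX",
  "specVersion": "1.5",
  "components": [
    {"type": "library", "name": "log4j-core", "version": "2.14.1", "purl": "pkg:maven/org.apache.logging.log4j/log4j-core@2.14.1"},
    {"type": "library", "name": "requests", "version": "2.31.0", "purl": "pkg:pypi/requests@2.31.0"},
    {"type": "library", "name": "numpy", "version": "1.24.0", "purl": "pkg:pypi/numpy@1.24.0"}
  ]
}"""

# Constructed advisories: half-open affected range [introduced, fixed).
ADVISORIES = [
    {"id": "ADV-0001", "name": "log4j-core", "introduced": "2.0", "fixed": "2.17.1"},
    {"id": "ADV-0002", "name": "numpy", "introduced": "1.0", "fixed": "1.22.0"},
]


def parse_version(v: str) -> tuple:
    """Compare dotted numeric versions as integer tuples; non-numeric parts count as 0."""
    return tuple(int(p) if p.isdigit() else 0 for p in v.split("."))


def is_affected(version: str, introduced: str, fixed: str) -> bool:
    """True when introduced <= version < fixed."""
    v = parse_version(version)
    return parse_version(introduced) <= v < parse_version(fixed)


def components_needing_update(sbom_json: str, advisories: list) -> list:
    """One finding per SBOM component inside an advisory's affected range,
    with the version it should move to."""
    sbom = json.loads(sbom_json)
    by_name = {}
    for adv in advisories:
        by_name.setdefault(adv["name"], []).append(adv)
    findings = []
    for comp in sbom.get("components", []):
        for adv in by_name.get(comp["name"], []):
            if is_affected(comp["version"], adv["introduced"], adv["fixed"]):
                findings.append({"component": comp["name"], "installed": comp["version"],
                                 "advisory": adv["id"], "update_to": adv["fixed"]})
    return findings
```

Run on a regular cadence against the current advisory feed, the output is the update list for the maintenance window; the curation step the text describes is where a reviewer confirms each match is reachable in your build before scheduling the upgrade.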
Building a More Secure Future for OSS
As threat actors continue to find ways to leverage AI capabilities to their advantage, organizations must evaluate if existing OSS plans can withstand growing security threats.
Securing OSS is not only a business concern, as The Office of the National Cyber Director (ONCD) recently reiterated; it’s a national security and economic imperative. There’s an urgent need for further technology innovation and collaboration between agencies, the open-source community, and the tech industry to get ahead of the new attacks on the horizon. Only by working together can we overcome the unique challenges posed by AI and build a more secure future for OSS.