Gartner: Four Threats Where Attackers Currently Have the Upper Hand

In brief: In deepfakes, compromised AI applications, prompt injection, and supply-chain attacks, attackers currently hold a structural advantage over defenders.

At its Security & Risk Management Summit, Gartner identified four threats where organizations are significantly outmatched by attackers: deepfakes, compromised AI applications, prompt injection, and attacks on the software supply chain. Generative AI is substantially intensifying the situation for defenders.

The market research company Gartner classifies these threats in an analysis matrix called “ThreatScape,” which maps two dimensions: on one hand, the volume of reliable information (threat signal) about a threat, and on the other, the ability of organizations to manage it with their own resources. Analyst John Watts points out that the security initiatives of major AI providers generate considerable noise in an already noisy threat landscape. Security leaders must identify the signal in the noise in order to respond to shifts.

Compromised AI applications arise from the growing productive use of AI tools and their expanded attack surface. It is no longer only publicly accessible services that are affected, but also internally built agents, third-party integrations, and employee-facing applications. With weak controls, sensitive data and credentials are left exposed. Gartner recommends applying secure development cycles with threat modeling to AI applications, strengthening data security through better classification, implementing Purpose-Based Access Control (PBAC), and monitoring runtime behavior. The market offers numerous tools from startups to build this infrastructure.

Deepfakes have massively increased in volume, quality, and availability through generative AI, both as pre-produced content and in real time. Attackers use them to circumvent biometric authentication, conduct real-time social engineering against employees, and infiltrate recruitment processes. A single protective measure is not sufficient. A bundle of controls is required: hardened business processes, heightened workforce awareness, and available detection technology. For biometric verification, the focus should be on detecting presentation and injection attacks, supplemented by contextual signals. Online meetings can be secured through conditional access policies and metadata analysis.

Attacks on the software supply chain will increase further as generative AI develops, particularly through vulnerabilities in open-source software. Gartner recommends that organizations work toward trusted component registries, harden their CI/CD pipelines, and build robust detection capabilities.


Source: www.it-daily.net · Published June 3, 2026
Lumi AI News — AI-assisted curation pursuant to Art. 50 EU AI Act. Paraphrase and classification by Lumi News Pipeline v1.2.9.
