{"id":2850,"date":"2025-09-17T11:55:13","date_gmt":"2025-09-17T11:55:13","guid":{"rendered":"https:\/\/ft365.org\/index.php\/2025\/09\/17\/a-quarter-of-uk-and-us-firms-suffer-data-poisoning-attacks\/"},"modified":"2025-09-17T11:55:13","modified_gmt":"2025-09-17T11:55:13","slug":"a-quarter-of-uk-and-us-firms-suffer-data-poisoning-attacks","status":"publish","type":"post","link":"http:\/\/ft365.org\/index.php\/2025\/09\/17\/a-quarter-of-uk-and-us-firms-suffer-data-poisoning-attacks\/","title":{"rendered":"A Quarter of UK and US Firms Suffer Data Poisoning Attacks"},"content":{"rendered":"<div>\n<p><img decoding=\"async\" src=\"https:\/\/ft365.org\/wp-content\/uploads\/2025\/06\/localimages\/ea721ff9-8ba4-4d88-b386-57e9e1606077.jpg?width=64&#038;height=64&#038;mode=crop&#038;scale=both&#038;format=webp\" alt=\"Photo of Phil Muncaster\" loading=\"lazy\"><\/p>\n<\/div>\n<div id=\"cphContent_pnlArticleBody\" data-layout-id=\"2\" data-edit-folder-name=\"text\" data-index=\"0\">\n<p>British and American cybersecurity leaders are increasingly concerned about their expanding AI attack surface, particularly unsanctioned use of AI tools and attempts to corrupt training data, according to new IO research.<\/p>\n<p>The security and compliance specialist polled 3000 IT security leaders on both side of the Atlantic to compile its third annual <em>State of Information Security Report<\/em>, which was published this morning.<\/p>\n<p>It revealed that just over a quarter (26%) have suffered a data poisoning attack, which occurs when threat actors seek to interfere with model training data in order to alter its behavior.<\/p>\n<p>Such attacks could be launched to sabotage organizations that rely on AI models, or else support threat actors in more targeted ways, such as causing malware-detection systems to misfire.<\/p>\n<p>Data poisoning attacks were hitherto thought to be more theoretical than widespread.<\/p>\n<p><em>Read more on AI threats: Talent Shortages Bite as 80% of UK Firms Hit with AI Threats<\/em><\/p>\n<p>The IO report also revealed that 37% of enterprises are seeing employees use generative AI (GenAI) tools in the enterprise without permission.<\/p>\n<p>This kind of shadow AI can introduce major risks associated with data leakage and compliance infringements, as well as potential vulnerabilities if the GenAI tool in question is not safe.<\/p>\n<p>DeepSeek\u2019s flagship LLM R1 was found earlier this year to contain multiple vulnerabilities. The firm also\u00a0accidentally exposed\u00a0a database of chat histories and other sensitive user information.<\/p>\n<h2>Concerns and Confidence in the Future<\/h2>\n<p>The report\u2019s respondents seemed conflicted over their attitudes to AI. On the one hand, they cited the biggest emerging cybersecurity threats for the coming year as AI-generated phishing (38%) and misinformation (42%), shadow AI (34%)\u00a0and deepfake impersonation in virtual meetings (28%).<\/p>\n<p>However, incidents of deepfake-related attacks actually fell from 33% last year to 20% this, according to IO.<\/p>\n<p>Moreover, respondents appeared bullish about the future. The vast majority said they feel \u201cprepared\u201d\u00a0to defend against AI-generated phishing (89%), deepfake impersonation (84%), AI-driven malware (87%) and misinformation (88%), shadow AI (86%) and data poisoning (86%).<\/p>\n<p>Three-quarters (75%) said\u00a0they are putting in place acceptable usage policies for AI, which should at least help mitigate unsanctioned use of tools.<\/p>\n<p>Chris Newton-Smith, CEO of IO, described AI as a double-edged sword.<\/p>\n<p>\u201cWhile it offers enormous promise, the risks are evolving just as fast as the technology itself. Too many organizations rushed in and are now paying the price,\u201d he added.<\/p>\n<p>\u201cData poisoning attacks, for example, don\u2019t just undermine technical systems, but they threaten the integrity of the services we rely on. Add shadow AI to the mix, and it\u2019s clear we need stronger governance to protect both businesses and the public.\u201d<\/p>\n<\/p><\/div>\n","protected":false},"excerpt":{"rendered":"<p>British and American cybersecurity leaders are increasingly concerned about their expanding AI attack surface, particularly unsanctioned use of AI tools and attempts to corrupt training data, according to new IO research. The security and compliance specialist polled 3000 IT security leaders on both side of the Atlantic to compile its third annual State of Information<\/p>\n","protected":false},"author":2,"featured_media":2851,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-2850","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-uncategorized"],"featured_image_urls":{"full":["http:\/\/ft365.org\/wp-content\/uploads\/2025\/09\/2850-20f37c56-cc46-401b-8135-fda4aa4e004c.jpg",300,300,false],"thumbnail":["http:\/\/ft365.org\/wp-content\/uploads\/2025\/09\/2850-20f37c56-cc46-401b-8135-fda4aa4e004c-150x150.jpg",150,150,true],"medium":["http:\/\/ft365.org\/wp-content\/uploads\/2025\/09\/2850-20f37c56-cc46-401b-8135-fda4aa4e004c.jpg",300,300,false],"medium_large":["http:\/\/ft365.org\/wp-content\/uploads\/2025\/09\/2850-20f37c56-cc46-401b-8135-fda4aa4e004c.jpg",300,300,false],"large":["http:\/\/ft365.org\/wp-content\/uploads\/2025\/09\/2850-20f37c56-cc46-401b-8135-fda4aa4e004c.jpg",300,300,false],"1536x1536":["http:\/\/ft365.org\/wp-content\/uploads\/2025\/09\/2850-20f37c56-cc46-401b-8135-fda4aa4e004c.jpg",300,300,false],"2048x2048":["http:\/\/ft365.org\/wp-content\/uploads\/2025\/09\/2850-20f37c56-cc46-401b-8135-fda4aa4e004c.jpg",300,300,false],"morenews-featured":["http:\/\/ft365.org\/wp-content\/uploads\/2025\/09\/2850-20f37c56-cc46-401b-8135-fda4aa4e004c.jpg",300,300,false],"morenews-large":["http:\/\/ft365.org\/wp-content\/uploads\/2025\/09\/2850-20f37c56-cc46-401b-8135-fda4aa4e004c.jpg",300,300,false],"morenews-medium":["http:\/\/ft365.org\/wp-content\/uploads\/2025\/09\/2850-20f37c56-cc46-401b-8135-fda4aa4e004c.jpg",300,300,false],"crawlomatic_preview_image":["http:\/\/ft365.org\/wp-content\/uploads\/2025\/09\/2850-20f37c56-cc46-401b-8135-fda4aa4e004c-146x146.jpg",146,146,true]},"author_info":{"display_name":"henry","author_link":"http:\/\/ft365.org\/index.php\/author\/henry\/"},"category_info":"<a href=\"http:\/\/ft365.org\/index.php\/category\/uncategorized\/\" rel=\"category tag\">Uncategorized<\/a>","tag_info":"Uncategorized","comment_count":"0","_links":{"self":[{"href":"http:\/\/ft365.org\/index.php\/wp-json\/wp\/v2\/posts\/2850","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/ft365.org\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/ft365.org\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/ft365.org\/index.php\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"http:\/\/ft365.org\/index.php\/wp-json\/wp\/v2\/comments?post=2850"}],"version-history":[{"count":0,"href":"http:\/\/ft365.org\/index.php\/wp-json\/wp\/v2\/posts\/2850\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"http:\/\/ft365.org\/index.php\/wp-json\/wp\/v2\/media\/2851"}],"wp:attachment":[{"href":"http:\/\/ft365.org\/index.php\/wp-json\/wp\/v2\/media?parent=2850"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/ft365.org\/index.php\/wp-json\/wp\/v2\/categories?post=2850"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/ft365.org\/index.php\/wp-json\/wp\/v2\/tags?post=2850"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}