Small Language Models and their implication for OT security

Prayukth KV

7 August 2025

While Small Language Models (SLMs) are often considered more secure (in some ways) than their larger counterparts, or even harmless, SLMs can easily be weaponized to target OT infrastructure. In our latest blog post, we uncover the cybersecurity dimensions of SLMs and the security measures OT operators can deploy to secure their infrastructure against SLM-based attacks.

Understanding the threats associated with SLMs

· Data gathering: SLMs can be trained to gather (or exfiltrate) data about specific businesses and vulnerable targets within such organisations. For instance, a hiring manager can be a target for a malicious payload embedded in a resume document.

· Social Engineering: The above data can also be used to train SLMs to create highly convincing and personalized phishing emails, messages, calls or even deepfake audio/video. Due to the small size of the SLMs, they can be trained faster. SLMs can also be used to detect and scrape leaked passwords belonging to target individuals from the web and Dark Web.

· Vulnerability Scanning and Exploit Generation: Bad actors can use SLMs as "persistent attack agents" to discover vulnerabilities, unpatched systems or systems undergoing maintenance without adequate controls. By training an SLM on network configuration data, bug reports, and code, it can quickly identify multiple weaknesses in a system and generate probable attack paths for threat actors to exploit. Further, SLMs can be used to generate malicious code or adapt existing exploits to bypass security measures.

· Attacks on SLMs: The models themselves can be a target. Attackers can use techniques like prompt injection, where a malicious prompt is crafted to force the SLM to perform unintended actions, or data poisoning, where malicious data is injected into the training set to manipulate the model's behaviour and outputs. When deployed in a connected environment,

· SLMs can also be used to find zero-days in devices.

· Denial of Service (DoS) Attacks: SLMs can be used to generate a massive volume of queries or requests within a short period of time to overwhelm a server, making a service unavailable to legitimate users.

· Supply chain attacks: Bad actors can also embed SLMs in components that may form part of a critical system, as backdoors to be exploited later.

As mentioned in our OT security threat landscape report, SLMs are also aiding threat actors in planning breach campaigns at scale. Mini SLMs are also being crafted to act as malware assemblers and/or to identify open ports or points of entry into a target network. At least two APT groups have built their own mini SLMs and are actively using them to scout for new malware variants to harvest in the wild.

How can OT operators protect their infrastructure against threats from AI and SLMs?

· The use of SLMs, and of AI in general, should be treated as an activity that requires prior approval and exception clearance. By default, AI and SLMs should be considered less-than-secure options for association with any business activity.

· Ensure OT security audits are done periodically: By conducting IEC 62443-based assessments, OT operators can ensure security risks are identified and remedied well before they are exploited. The risk assessment vendor should be fluent in IEC 62443, especially in conducting OT risk assessments based on IEC 62443 2-1, 3-2 and 3-3.

· Train employees regularly: Ensure employees are aware of the threats posed by AI usage and do not engage in behaviors that may compromise data, credentials or any part of the infrastructure.

· Use NDR: By using a Network Detection and Response solution such as Shieldworkz, OT operators can detect any anomalous activity or threat and trigger a proportionate response to contain the threat.

· Ensure adequate preparation and Incident Response readiness to deal with any incident involving a breach due to AI.

· Secure crown jewels with additional protection: Use microsegmentation to secure core systems from any unauthorized activity

· Develop and deploy an enterprise-wide OT security policy that is cognizant of the threats posed by AI usage.
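The microsegmentation and NDR recommendations above, together with the request-burst threat listed earlier, can be illustrated with a small flow check. This is an added example, not code from the original post or from any Shieldworkz product; the addresses, zone names, allow-list and thresholds are constructed assumptions.

```python
from collections import defaultdict, deque

# Constructed segmentation policy (assumption): source zones, crown-jewel
# assets, and the only (zone, asset, port) combinations that are permitted.
ZONE_OF = {"10.10.1.5": "hmi", "10.10.1.6": "hmi",
           "10.10.2.20": "engineering", "10.20.0.9": "it-office"}
CROWN_JEWELS = {"10.10.9.10": "plc-line1", "10.10.9.11": "safety-controller"}
ALLOWED = {("hmi", "10.10.9.10", 502),          # Modbus/TCP
           ("engineering", "10.10.9.10", 502),
           ("engineering", "10.10.9.11", 102)}  # ISO-TSAP (S7)
BURST_WINDOW_S = 10  # sliding window length in seconds (assumed)
BURST_LIMIT = 5      # permitted flows per source/asset pair per window (assumed)

def analyse(flows):
    """flows: (ts_seconds, src_ip, dst_ip, dst_port) tuples sorted by time."""
    alerts = []
    recent = defaultdict(deque)   # (src, dst) -> timestamps inside the window
    bursting = set()              # pairs already alerted for the current burst
    for ts, src, dst, port in flows:
        if dst not in CROWN_JEWELS:
            continue              # only flows towards protected assets matter here
        zone = ZONE_OF.get(src, "unknown")
        if (zone, dst, port) not in ALLOWED:
            alerts.append(("segment-violation", ts, src, dst, port))
            continue
        q = recent[(src, dst)]
        q.append(ts)
        while q and ts - q[0] > BURST_WINDOW_S:
            q.popleft()           # drop timestamps that left the window
        if len(q) > BURST_LIMIT:
            if (src, dst) not in bursting:   # alert once per burst
                bursting.add((src, dst))
                alerts.append(("request-burst", ts, src, dst, port))
        else:
            bursting.discard((src, dst))     # rate back to normal, re-arm
    return alerts

# Constructed sample flows: normal traffic, two policy violations, one burst.
SAMPLE_FLOWS = sorted(
    [(0, "10.10.1.5", "10.10.9.10", 502),
     (30, "10.20.0.9", "10.10.9.10", 502),   # IT office host reaching a PLC
     (40, "10.10.2.20", "10.10.9.11", 102),
     (45, "10.10.1.6", "10.10.9.11", 102),   # HMI reaching the safety controller
     (50, "10.20.0.9", "10.20.0.1", 443)]    # not a crown jewel, ignored
    + [(100 + i, "10.10.1.5", "10.10.9.10", 502) for i in range(8)])

if __name__ == "__main__":
    for alert in analyse(SAMPLE_FLOWS):
        print(alert)
```

An allowed source that suddenly exceeds its normal request rate is flagged separately from a source that should never reach the asset at all, so the two cases can be triaged with different response playbooks.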

Interested in an IEC 62443 based assessment to know your security posture weaknesses? Talk to us

Get a free NIS2 preparedness audit consultation.

Talk to us for an information pack on IEC 62443 and AI security

Learn more about our offerings for OT security.