
How to manage the growing risks of AI exploitation

Written by PGI’s Digital Investigations team, this blog post explores the growing risks faced by organisations adopting generative AI tools, and how to manage these threats.

Megan Thomas
Research

Artificial intelligence (AI) continues to rapidly evolve, unlocking incredible opportunities, but at the same time exposing companies and the public to unprecedented risks. Large Language Models (LLMs) are the backbone of many AI tools, making them especially vulnerable targets for exploitation by malicious actors.  

As AI adoption surges, so too does the race among companies to launch advanced AI chat tools and other systems quickly to stay ahead of competitors. As a result, AI is developing faster than the security controls around it. Without security frameworks and sufficient testing regimens in place, a significant attack surface is left open for threat actors to leverage to cause harm.

 

The growing risks of AI exploitation

Despite efforts to implement guardrails, many AI models, particularly LLMs, remain highly susceptible to ‘jailbreaking’ - techniques that override built-in content filters and protections. Malicious threat actors can therefore misuse AI models to generate illegal or unethical content, such as instructions on creating homemade explosives or poisons, or extremist propaganda manifestos inciting violence. Such breaches carry severe risks, including financial loss and reputational damage for the associated companies and their users.

As of mid-2025, there are no comprehensive regulations yet governing the ethical use or security of AI models, largely due to the speed of AI innovation.  

Without regulatory standards in place, there are no enforced requirements to ensure AI models are secure or resilient by design. As a result, developers can inadvertently release systems that are highly vulnerable to misuse, exposing organisations to risks such as reputational damage and financial loss.

 

Techniques used by threat actors to exploit AI systems

Threat actors are leveraging AI in increasingly sophisticated ways. Semi-automated phishing campaigns facilitated and scaled by AI can target specific organisations with ease, while coordinated disinformation campaigns can pollute training data, effectively ‘poisoning’ AI models with biased or false information. Deepfakes and illicit AI-generated content related to child sexual abuse material (CSAM) also proliferate in dark corners of the internet, which has proven very difficult to control.

Attackers can exploit both technical vulnerabilities and social engineering techniques to break AI guardrails. For example, subtle prompt manipulation, such as using hypothetical framing, can coax an AI model into providing harmful content. Bugs within models can also allow threat actors to capture or reconstruct responses that should have been blocked by the system.

 

Why does this matter to CEOs and executives?

For organisational leaders, these risks translate into significant threats to operational security, regulatory compliance, and brand integrity. Any company using AI technology is a potential target. As AI systems grow more integrated into business functions, the fallout from exploitation can be significant and costly.

Understanding and identifying red flags, such as suspicious spikes in AI-generated content or signs of prompt tampering, is critical. However, effectively defending AI models against malicious state and non-state threat actors requires proactive threat investigation and specialised expertise.

 

AI Threat Investigation

At PGI, we understand the complex landscape of AI threats and the urgent need for effective risk management. Our AI Threat Investigation service provides continuous monitoring, detection, and analysis of suspicious AI-related activities, helping you uncover and mitigate emerging threats before they escalate.

Our AI Red Teaming service stress tests your AI models by simulating adversarial actor techniques, including jailbreaking attempts, to identify vulnerabilities in your AI guardrails. Our experts apply real-world tactics, such as prompt manipulation, exploiting model bugs, and evading content filters, to uncover model vulnerabilities. This proactive approach helps you strengthen your AI tool and reduce your attack surface.

 

In the high-stakes environment of AI, you can’t afford to be reactive or make assumptions that your AI tool is safe. According to our Digital Investigations analysts, most models that PGI has tested have been easy to 'jailbreak' – raising the concern that many AI systems are not yet secure against exploitation.

Investing in proactive threat detection and testing is critical to ensuring your AI systems operate safely and ethically as these threats continue to evolve.