Software Supply Chain Risks in Generative AI

The combination of GenAI with the multiple components in the software supply chain introduces risks which need to be addressed to avoid losses

Software Supply Chain Risks in Generative AI

Software Supply Chain,AI Firewall,GenAI,Zero Trust Security,Top 5 LLM Security Risks

March 4, 2024


Gartner report forecasts that by 2025, about half of all organizations will experience a software supply chain attack, highlighted by OpenAI’s temporary shutdown of ChatGPT due to a ‘Redis’ library vulnerability, risking user data exposure.
The software supply chain poses risks to Generative AI (GenAI) due to inherited vulnerabilities, third-party dependencies, an expanded attack surface, the potential for compromised data and code, and regulatory compliance challenges, all of which can significantly impact the security and integrity of GenAI projects..
CISOs See Software Supply Chain Security as Bigger Blind Spot Than GenAI

Why OpenAI disabled ChatGPT?

Today’s software development heavily relies on third-party codes, libraries, and increasingly, Generative AI (GenAI), making it possible to build up to 90% of an app without starting from scratch. This method streamlines app creation and saves time but also raises security risks. A Gartner report predicts that by 2025, nearly half of all organizations will face an attack on their software supply chain, a threat growing in frequency and complexity.

On March 20th, OpenAI briefly disabled ChatGPT due to a vulnerability in the ‘Redis’ open-source library, affecting the software supply chain. This issue led to a breach exposing user data like chat history titles, names, email and payment addresses, credit card types, and the last four digits of card numbers.

How is Software supply chain a risk for GenAI?

Threat to Software Supply Chain poses a risk to GenAI due to:

Inherited Vulnerabilities: Generative AI (GenAI) systems are prone to the same security weaknesses as traditional software, due to shared supply chain components and dependencies.
Third-Party Dependencies: GenAI systems’ reliance on external software components introduces vulnerabilities from the broader software supply chain into GenAI projects.
Expanded Attack Surface: The incorporation of numerous third-party components in GenAI systems enlarges the attack surface, making it more challenging to secure against breaches originating from the supply chain.
Compromised Data and Code: If any part of the supply chain is compromised, whether through malicious code in libraries or tainted datasets, it directly affects the integrity and functionality of GenAI applications.
Regulatory Compliance: The software supply chain’s complexity, including compliance with legal standards for data protection, impacts GenAI projects that use these components, making them susceptible to regulatory risks.

What are some common supply chain attacks?

Cycode’s inaugural 2024 State of ASPM report reveals significant AppSec challenges: 78% of CISOs find current attack surfaces unmanageable, 90% see a need for better security-development team collaboration, and 77% view software supply chain security as a more critical blind spot than Gen AI or open source issues.

Browser-based Attacks: Run harmful code in users’ browsers, targeting JavaScript libraries or extensions, and can steal sensitive information stored in the browser.
Software Attacks: Disguise malware within software updates, as seen in the SolarWinds incident, enabling automatic download and infection of devices.
Open-source Attacks: Exploit vulnerabilities in open-source packages, potentially allowing attackers to modify code or embed malware to gain access to systems.
JavaScript Attacks: Take advantage of vulnerabilities in JavaScript, or insert malicious scripts into webpages that execute upon loading.
Magecart Attacks: Use malicious JavaScript to steal credit card details from online checkout forms through “formjacking.”
Watering Hole Attacks: Target websites frequented by many users to exploit vulnerabilities and distribute malware to visitors.
Cryptojacking: Hijack computational resources for cryptocurrency mining through malicious website code, open-source scripts, or phishing links. offers Zero Trust Security for AI, enabling IT Security to efficiently manage ShadowAI, control AI access, and enforce AI guardrails. It integrates seamlessly with existing security infrastructures, supporting identity platforms like Okta, Google, Active Directory, and network security platforms from Palo Alto, ZScaler, Fortinet, enabling a smooth deployment.

If you’re interested in a deeper discussion or even in contributing to refining this perspective, feel free to reach out to us.

Unlock Zero Trust Security for
GenAI and Data Access
Request a Demo

Read full post