AI Browsers Exposed: Your Data at Risk of Hacking

Gartner Warns Organizations to Block AI Browsers

A recent warning from Gartner has raised concerns about the use of AI browsers in organizations. According to the analyst firm, these browsers pose significant risks, including data exposure, leakage of financial information, and the potential for credentials to be compromised.

The researchers at Gartner, including Dennis Xu, Evgeny Mirolyubov, and John Watts, emphasized that "default AI browser settings prioritize user experience over security." This focus on convenience can lead to vulnerabilities that malicious actors could exploit.

Risks Associated with AI Browsers

AI browsers such as OpenAI’s ChatGPT Atlas are designed to increase efficiency by using autonomous navigation, workflows, and data collection. However, they can be manipulated by malicious websites to collect and transfer sensitive information, including bank account details, login credentials, and emails.

One of the key features of agentic browsers is their ability to interact with web content using an AI model. This allows them to perform functions like content summarization, data gathering, translation, and search capabilities. Additionally, these browsers can complete tasks autonomously on websites, especially within authenticated sessions.

However, many agentic browsers do not allow for the use of AI functions within a local LLM (Large Language Model). As a result, user data—ranging from web content to browsing history and open tabs—is often sent to a cloud-based AI backend. This increases the risk of data exposure unless security and privacy settings are deliberately hardened and centrally managed.

The Responsibility of Organizations

Ultimately, it is up to each organization to assess the back-end services of AI browsers to ensure compliance with cybersecurity and data protection policies. Even if a browser passes these assessments, it can still present additional risks if used improperly.

For instance, users may inadvertently provide the browser with unnecessary amounts of sensitive information simply by having sensitive data open in the same web browser window while using the AI assistant. Furthermore, because agentic browsers can perform actions autonomously, Gartner warns that employees might be tempted to use them for tasks that are mandatory, repetitive, or less interesting, such as cybersecurity training.

Recommendations from Gartner

Gartner advises organizations that continue to use agentic browsers to educate users about the potential risks. Specifically, users should be aware that anything they are viewing could be sent to the AI service backend. This awareness can help prevent highly sensitive data from being active on the browser tab while using the AI browser’s sidebar for summarizing or performing other autonomous actions.

Javvad Malik, Lead Security Awareness Advocate at KnowBe4, commented on the Gartner advisory, stating that "AI features have introduced tension in cybersecurity, requiring people to assess the trade-off between productivity and security risks."

Malik also noted that while agentic browsers promise many features to enhance user experience, the risks associated with them are not yet fully understood. He added that default configurations often prioritize convenience over security, a trend seen in many technologies.

"However, blanket bans are rarely sustainable long-term strategies," Malik said. Instead, he suggested focusing on risk assessments that evaluate the specific AI services powering these browsers. This approach can allow for measured adoption while maintaining necessary oversight.

As AI agents become more prevalent in various aspects of technology, organizations need to develop playbooks to assess, protect, and enable these agents to work within the organization according to their own needs and risk appetite.

Conclusion

The rise of AI browsers brings both opportunities and challenges for organizations. While they offer enhanced functionality and efficiency, they also introduce new security risks that must be carefully managed. By understanding these risks and implementing appropriate safeguards, organizations can better protect their data and maintain a secure digital environment.