New ChatGPT Lockdown Mode to Mitigate Prompt Injection and Data Exfiltration Attacks
\n \t
\n
<\/BR>
\n
\n \t
\n
<\/BR><\/p>\n
OpenAI has released ChatGPT Lockdown Mode, a new security feature designed to limit outbound network access and reduce the risk of data exfiltration from prompt-injection attacks. The feature is now available to eligible personal accounts, self-serve ChatGPT Business users, and managed enterprise workspaces.<\/p>\n
Prompt injection<\/a>, where malicious instructions are embedded in content processed by an AI model, remains a frontier security challenge. Lockdown Mode is specifically engineered to disrupt the final stage of a prompt injection attack: the unauthorized transfer of sensitive data to an attacker-controlled destination via outbound network requests.<\/p>\n Importantly, Lockdown Mode does not prevent prompt injections from entering the model\u2019s context. A malicious payload embedded in a cached webpage, an uploaded PDF, or any other ingested content can still influence model behavior and response accuracy. The feature focuses exclusively on blocking the exfiltration pathway, not the injection vector itself.<\/p>\n When Lockdown Mode is active, the following ChatGPT capabilities are restricted:<\/p>\n Memory, file uploads, conversation sharing, and model training settings are not affected by Lockdown Mode and remain independently configurable.<\/p>\n OpenAI classifies app and connector configurations into risk tiers for Lockdown Mode environments:<\/p>\n For managed workspaces, Lockdown Mode does not automatically disable all connected apps. Administrators must manually configure role-based access controls (RBAC), assign trusted apps, and audit connector permissions to achieve meaningful protection.<\/p>\n Enterprise workspace admins<\/a> can enforce Lockdown Mode by creating a custom role designated as a \u201cLockdown Mode\u201d role and assigning members or groups to it.<\/p>\n The Compliance API Logs Platform provides persistent audit visibility into app usage, shared data, and connected sources independent of Lockdown Mode status.<\/p>\n Notably, Lockdown Mode and Developer Mode are mutually exclusive; enabling one automatically disables the other. Additionally, Lockdown Mode has no effect on Codex network access.<\/p>\n OpenAI acknowledges that Lockdown Mode<\/a> does not guarantee complete protection. Residual risk exists through enabled third-party apps, unforeseen capability combinations, and novel exploitation techniques. Prompt injections hidden in uploaded files can still cause incorrect or manipulated AI responses even with Lockdown Mode active.<\/p>\n Personal and self-serve Business users can enable the feature via Settings \u2192 Security \u2192 Advanced Security \u2192 Lockdown Mode. Enterprise admins should consult OpenAI\u2019s RBAC documentation and Compliance API guidance for workspace-wide deployment.<\/p>\n Follow us on\u00a0Google News<\/a>,\u00a0LinkedIn<\/a>,\u00a0and\u00a0X<\/a>\u00a0to Get More Instant Updates.<\/strong><\/p>\n The post New ChatGPT Lockdown Mode to Mitigate Prompt Injection and Data Exfiltration Attacks<\/a> appeared first on Cyber Security News<\/a>.<\/p>\n<\/div>\nChatGPT Lockdown Mode<\/strong><\/h2>\n
\n
\n