Cost Inflation Attacks
T14 · Infrastructure & Economic Warfare →AI infrastructure pricing creates an amplification vulnerability: the cost of generating a request is negligible compared to the cost of serving it. A single API call costing the attacker fractions of a cent may consume dollars in GPU compute on the victim's account. Cost inflation attacks exploit this asymmetry by maximizing resource consumption against a target's billing account — either through compromised credentials, abused free tiers, or manipulation of autoscaling and billing systems.
- Billing anomaly detection — alert on daily spend exceeding 2x historical baseline
- Instance provisioning monitoring — flag GPU instance creation from unusual regions/accounts/times
- Egress volume tracking — alert on data egress exceeding normal patterns
- Training job audit — verify all running training jobs against authorized schedules
Cost inflation chains from T14-AT-001 (GPU Farm Hijacking) when stolen credentials are used for billing fraud rather than compute theft. Chains into T14-AT-006 (Competitive Sabotage) when cost inflation is targeted at a competitor's AI operations to force budget reductions.