T14-AT-005CRITICAL

Critical Infrastructure Attacks

T14 · Infrastructure & Economic Warfare →

Risk score270

RatingCritical

Procedures10

Severity

Mechanism

AI systems increasingly manage critical infrastructure — power grid load balancing, water treatment chemical dosing, traffic signal optimization, hospital resource allocation. These systems trust their input data and control algorithms implicitly. Attacks target this trust by manipulating AI inputs (sensor data poisoning), compromising AI model integrity (adversarial examples against control models), or exploiting the AI-to-physical-system interface where software decisions become physical actions.

Mitigation

Independent physical safety interlocksCRITICAL

Air-gapped control networksHIGH

Sensor data validationHIGH

Human-in-the-loop for irreversible actionsHIGH

Chaining

Critical infrastructure attacks chain from T14-AT-007 (Nation-State AI Warfare) as strategic objectives and from T14-AT-012 (Cloud Provider Exploitation) when infrastructure AI runs on cloud platforms. Chains into T14-AT-014 (Systemic Risk Creation) when infrastructure failures cascade across interconnected systems.

Framework mapping

OWASP LLMLLM06

MITRE ATLASAML.T0049

Open in the technique browser →