Cyber Attacks Targeting Generative AI and Agentic AI Frameworks in the Retail Domain and Strategies to Prevent Them
Keywords:
Adversarial Attacks, Agentic AI, Cybersecurity in Retail, Data Poisoning, Model Resilience
Abstract
The retail sector’s accelerated integration of generative and agentic artificial intelligence introduces a distinctive cybersecurity challenge: open consumer interactions become vectors for attacking the models themselves. Unlike enterprise environments with controlled access, retail platforms operate in dynamic conditions where large volumes of anonymous and guest users interact continuously. This open structure exposes many attack surfaces, enabling adversaries to launch large-scale data poisoning, adversarial prompt injection, and input manipulation attacks. Such attacks degrade not only the reliability of the systems but also their decision-making, eventually causing fraud, bad advice, biased models, and similar problems. This article recommends adopting a hierarchical security framework comprising strict data validation, persistent monitoring of model performance, adversarial machine learning tools, and governance-related security measures. By applying threat modeling and defense techniques to the retail sector, the research presents a sound foundation for building trustworthy agentic AI systems. Retail requires a flexible security strategy that evolves with the methods employed by attackers in order to remain competitive as manipulation methods advance. Adopting governance methods alongside technology ensures greater clarity, compliance, and consumer trust in automation. The multi-faceted model combines rigorous surveillance, adversarial capabilities, and governance-based approaches into an all-encompassing framework for securing the integration of agentic AI within retail activities.
This work is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.
IJISAE open access articles are licensed under a Creative Commons Attribution-ShareAlike 4.0 International License. This license lets readers share and adapt the material provided they give appropriate credit, provide a link to the license, and indicate if changes were made; if they remix, transform, or build upon the material, they must distribute their contributions under the same license as the original.