Study Maps Hidden Threats Behind Large Language Models, Calls for Coordinated Security and Ethical Oversight
December 26th, 2025 8:00 AM
By: Newsworthy Staff
A comprehensive review of 73 studies reveals that large language models enable significant risks including phishing, malicious code generation, and misinformation, highlighting the urgent need for improved technical defenses and ethical governance to ensure responsible AI development.

A systematic review published in Frontiers of Engineering Management (2025) has mapped the dual nature of large language models (LLMs), identifying how these tools empower innovation while simultaneously enabling serious security and ethical threats. The study, conducted by researchers from Shanghai Jiao Tong University and East China Normal University, screened over 10,000 documents and distilled 73 key works to summarize risks such as phishing attacks, malicious code generation, data leakage, hallucination, social bias, and jailbreaking. The research, available at https://doi.org/10.1007/s42524-025-4082-6, categorizes LLM-related security threats into misuse-based risks and malicious attacks targeting models directly.
Misuse includes phishing emails crafted with near-native fluency, automated malware scripting, identity spoofing, and large-scale false information production. Malicious attacks occur at both the data/model level (such as model inversion, poisoning, and extraction) and the user-interaction level, including prompt injection and jailbreak techniques. These attacks can access private training data, bypass safety filters, or induce harmful content output, threatening data security, public trust, and social stability. The study emphasizes that without systematic regulation and defense mechanisms, LLM misuse may undermine the very sectors it aims to transform, from education and healthcare to digital governance.
On defense strategies, the review summarizes three mainstream technical approaches: parameter processing, which removes redundant parameters to reduce attack exposure; input preprocessing, which paraphrases prompts or detects adversarial triggers without retraining; and adversarial training, including red-teaming frameworks that simulate attacks for robustness improvement. Detection technologies like semantic watermarking and CheckGPT can identify model-generated text with up to 98–99% accuracy. However, the research notes that defenses often lag behind evolving attack techniques, indicating an urgent need for scalable, low-cost, multilingual-adaptive solutions.
The authors argue that technical safeguards must coexist with ethical governance, as hallucination, bias, privacy leakage, and misinformation represent social-level risks, not merely engineering problems. To ensure trust in LLM-based systems, future models should integrate transparency, verifiable content traceability, and cross-disciplinary oversight. Ethical review frameworks, dataset audit mechanisms, and public awareness education will become essential in preventing misuse and protecting vulnerable groups. The study suggests that secure and ethical development of LLMs will shape how societies adopt AI, with robust defense systems potentially protecting financial systems from phishing, reducing medical misinformation, and maintaining scientific integrity.
Watermark-based traceability and red-teaming may become industry standards for model deployment, according to the researchers. They encourage future work toward responsible AI governance, unified regulation frameworks, safer training datasets, and model transparency reporting. If well-managed, LLMs can evolve into reliable tools supporting education, digital healthcare, and innovation ecosystems while minimizing risks linked to cybercrime and social misinformation. The findings highlight that the future of LLMs will rely on coordinated security design, ethical oversight, and technical safeguards to ensure responsible development and deployment across global applications.
Source Statement
This news article relied primarily on a press release distributed by 24-7 Press Release.
