Agentic AI introduces new security challenges in era of MCP and A2A (www.techradar.com)

Agentic AI — systems of autonomous models that discover tools, call other models, and collaborate at machine speed — is creating a new class of security risk: “agent breaches.” With protocols like Anthropic’s MCP, Google’s A2A and IBM’s ACP enabling direct model-to-model communication and dynamic tool discovery, enterprises face attack surfaces that go beyond traditional data exfiltration. Unlike static APIs, MCP-style discovery can let agents interact with unverified tools (raising impersonation risks), A2A blurs accountability across vendor boundaries and model drift can hide proprietary data in summaries. Real-world attack paths include extracting an organization’s agent architecture, stealing agent instructions and tool schemas, or exploiting tool misconfigurations to pivot into corporate networks — all amplified by agents’ speed. Examples: abusive manipulation of a payment agent to escalate fraudulent transactions, or poisoning a data-analysis agent so downstream strategy agents make progressively worse decisions while appearing normal. Defenses require rethinking governance: centralize model access through a monitored, metered gateway; use hyperscaler tooling but retain control over model instances; enforce vendor compliance and standardized AI cost/reporting/drift testing; and maintain a curated repository of prompts, tools and embedding vectors. The core message: agentic AI can materially increase ROI, but only if security is architected into multi-agent systems from day one — central control, continuous monitoring, and standardized controls are essential to prevent fast, automated “agent breaches.”