The Open AI saga is frankly a bit crazy. And it might be hard to keep track of what is going on. To that end, I’d like to point you towards this explainer by The Guardian which I think that should clear things up. At least for now. But there’s an angle of this that isn’t being covered by many which is cybersecurity. That’s where Damir J. Brescic, CISO, Inversion6 comes in to offer his opinion:
The recent development at OpenAI, particularly the departure of Sam Altman as CEO, could have significant implication for the broader AI industry. It’s more than clear that Altman and the board at OpenAI do not see eye-to-eye and that the shift in leadership, with a focus on increasing transparency and collaboration in AI research, will have a significant impact on the future of OpenAI.
I recall the story of Steve Jobs being removed from Apple, back in the day, due to a similar spat with the Apple board on the direction of the company. We all saw how that turned out – they did so well without someone steering their ship, that they had to beg Jobs to return. In his case, Jobs started another company and knew Apple was desperate that he forced them to buy it just to get him back…..man, you have to love capitalism!!!!
From the cybersecurity perspective, as AI systems become more integrated into our daily lives, it is essential that they are designed with cybersecurity in mind. This means that OpenAI and the broader AI community must prioritize the development of secure AI systems that are designed to protect user data and prevent cyber-attacks.
Overall, I find it interesting that Microsoft has made it known that they are interested in hiring Sam Altman to run a new advanced artificial intelligence research team. This could change the landscape of AI as we know it.
Only time will tell, or when the Cylons take over….
I honestly have to wonder how this will turn out. And if we’ll all be working for our new AI powered overlords. Only time will tell.
Microsoft & OpenAI – How nation-states are weaponizing AI
Posted in Commentary with tags Microsoft, Open AI on February 16, 2024 by itnerdAccording to research from Microsoft and OpenAI, Nation-state threat actors from Russia, China, and North Korea and Iran are using generative AI tools, including large language models (LLMs) such as ChatGPT, in their efforts to support cyber campaigns rather than to develop novel attack techniques.
The researchers observed that AI is currently being used to scale and enhance existing social engineering attacks and to help bad actors find unsecured devices and accounts using the following services:
OpenAI said yesterday that it terminated 5 threat actor accounts linked to China, Russia, Iran and North Korea observed to be using these TTPs.
Also, as part of the report, Microsoft published a set of principles to govern its efforts to prevent other state-backed hackers from abusing its AI models. Those principles are:
“Understanding how the most sophisticated malicious actors seek to use our systems for harm gives us a signal into practices that may become more widespread in the future, and allows us to continuously evolve our safeguards,” OpenAI wrote.
Ted Miracco, CEO, Approov Mobile Security had this comment:
“The emergence of nation-state actors leveraging generative AI in cyber operations is no surprise and underscores the urgent need for proactive measures to safeguard digital infrastructure and information assets. Microsoft, OpenAI and Google can shutdown accounts periodically, but powerful generative AI technologies are readily available to all nation states through open source LLMs that are very close in capabilities to the industry leaders. There is no effective choke point that will prevent these nation states form using these emerging AI technologies, and it is essential to understand that safeguards need to be in place across the digital landscape as the opportunity to curtail access at the source has passed.”
Mark Campbell, Sr. Director, Cigent follows with this comment:
“At the end of the day nothing really changes for security professionals. Phishing, whether human or AI generated, is still the leading cause of initial access. Cyber security professionals need to keep systems up to date and deploy advanced endpoint security solutions that include AI and behavior analysis, to more effectively detect and block malicious activities, including those initiated by AI generated phishing emails.”
Making sure that AI isn’t being abused by bad actors to launch attacks should be priority one. Yes there’s a ton of cybersecurity priorities out there, but this one at the moment appears to potentially be the most dangerous.
Leave a comment »