Useful information
Prime News delivers timely, accurate news and insights on global events, politics, business, and technology
Join our daily and weekly newsletters to obtain the latest updates and exclusive content on the coverage of the industry leader. Get more information
Deepseek and its R1 model are not wasting at any time rewriting the rules of the Cybersecurity AI in real time, with all, from new companies to business suppliers that pilot integrations and their new model this month.
R1 was developed in China and is based on the learning of pure reinforcement (RL) without supervised fine adjustment. It is also open source, which makes it immediately attractive to almost all cybersecurity startup that is all in architecture, development and open source implementation.
The investment of $ 6.5 million of Deepseek in the model is delivering a yield that coincides with OPENAI O1-1217 in reasoning reference points while running with GPU NVIDIA H800 lower level. Deepseek prices establish a new standard With significantly lower costs per million tokens compared to OpenAi models. The Deep Razoner Razon model charges $ 2.19 per million production tokens, while Openai’s O1 model charges $ 60 for it. This price difference and its open source architecture have caught the attention of CIO, CISO, new cybersecurity companies and business software suppliers.
(Interestingly, Operai states Depseek used its models To train R1 and other models, coming to say that the company exfiltrated the data through multiple consultations).
An advance of AI with hidden risks that will continue to emerge
In the center of the matter of the security and reliability of the models is whether censorship and undercover bias are incorporated into the core of the model, warned Chris Krebs, inaugural director of the US National Security Department. UU. (DHS), Infrastructure Security Agency (DHS) (DHS)Cisa) and, more recently, Director of Public Policies of Sentinel.
“The censorship of the critical content of the Chinese Communist Party (PCCH) may be ‘baked’ to the model and, therefore, a design feature to deal with that can discard the results of the objectives,” he said. “This ‘political lobotomization’ of the Chinese AI models can support … the development and global proliferation of the open source AI models based in the US.”
He pointed out that, according to the argument, democratizing access to American products should increase American soft power abroad and undermine the dissemination of Chinese censorship worldwide. “The low -cost and low -cost foundations of R1 question the effectiveness of the US strategy to deprive Chinese access companies to western avant -garde technology, including GPUs,” he said. “In a way, they are really making ‘more with less’.”
Merritt Baer, ciso in Accommodate And the advisor to multiple new security companies, he told Venturebeat that, “in fact, training (Deepseek-R1) in broader internet data controlled by Internet sources in the West (or perhaps better described as lacking controls and Chinese Firewalls), it could be an antidote some of the concerns. I am less concerned about obvious things, such as censoring any criticism of President XI, and more concerned with political and social engineering more difficult to define that he entered the model. Even the fact that the creators of the model are part of a Chinese influence campaigns system is a worrying factor, but not the only factor we must consider when we select a model. “
With the Deepseek training the model with the H800 NVIDIA GPUs that were approved for sale in China but lacking the power of the H100 and A100 more advanced processors, Depseek is further democratizing its model to any organization that can afford the hardware for execute it. Estimates and invoices of materials that explain how to build a system for $ 6,000 capable of running R1 are proliferating on social networks.
R1 and monitoring models will be built to avoid the technological sanctions of the United States, a point that Krebs considers a direct challenge for the US’s strategy.
Enkrypt ai Deepseek-R1 red equipment report He finds that the model is vulnerable to generating “harmful, toxic, biased, CBRN and insecure code.” The red team continues that: “While it can be adequate for limited scope applications, the model shows considerable vulnerabilities in the areas of operational and security risk, as detailed in our methodology. We strongly recommend the implementation of mitigation if this model is going to be used. ”
The red Enkrypt AI team also discovered that Depseek-R1 is three times more biased than Claude 3 Opus, four times more vulnerable to generating unsafe code that operate ai’s O1, and four times more toxic than GPT-4O. The red team also discovered that the model has eleven times more likely to create a harmful production than the open AI.
Know the privacy and safety risks before sharing your data
The Deepseek mobile applications now dominate global downloads, and the web version is seeing record traffic, with all personal data shared on both platforms captured on servers in China. Companies are considering executing the model on isolated servers to reduce the threat. Venturebeat has learned about pilots who are executed in hardware marketed in all US organizations.
Chinese intelligence agencies accessible any data shared in mobile and web applications.
China’s National Intelligence Law establishes that companies must “support, help and cooperate” with state intelligence agencies. The practice is so generalized and such a threat to US companies and citizens that National Security Department He has published a Commercial Data Safety Advice. Due to these risks, the The US Navy issued a directive Prohibit Deepseek-R1 of any system, tasks or work-related projects.
Organizations that rush the new model are in the entire open source and the isolation test systems of their internal network and the Internet. The objective is to execute reference points for specific use cases while guaranteeing that all data remain private. Platforms such as perplexity and hyperbolic laboratories allow companies to safely implement R1 in US or European data centers, maintaining confidential information beyond the reach of Chinese regulations. See an excellent summary of this aspect of the model.
ITAR GOLAN, CEO DE STARTUP Fast security And a central member of the 10 best language models (LLM) of Owasp argues that data privacy risks extend beyond Solo UNSEK. “Organizations should not have their confidential data in OpenAI or other US -based models providers.” “If data flow to China is a significant national security concern, the United States government may want to intervene through strategic initiatives such as subsidizing national AI suppliers to maintain competitive prices and market balance.”
Recognizing the safety failures of R1, the notice added support to inspect the traffic generated by the Deepseek-R1 inquiries in a matter of days after the model is introduced.
During an Deepseek public infrastructure investigation, the cloud safety provider Wiz Research team He discovered an open clickhouse database with more than one million record lines with chat stories, secret keys and backend details. There was no authentication enabled in the database, which allowed a rapid potential privilege escalation.
The discovery of Wiz’s Research underlines the danger of quickly adopting AI services that are not based on hardened security frames on scale. Wiz responsibly revealed the violation, which caused Deepseek to block the database immediately. Deepseek’s initial supervision emphasizes three main lessons so that any IA provider takes into account when introducing a new model.
First, perform a red equipment and completely test the safety of the AI infrastructure before launching a model. Secondly, apply less privileged access and adopt a zero confidence mentality, assume that your infrastructure has already been violated and has not been trusted in the connections of multiple multiple multiple in cloud systems or platforms. Third, security equipment and IA engineers collaborate and possess how the models safeguard the confidential data.
Depseek creates a security paradox
Krebs warned that the real danger of the model is not only where it was done but how it was done. Deepseek-R1 is the byproduct of the Chinese technology industry, where the objectives of the private sector and national intelligence are inseparable. The concept of Firewalling the model or execute it locally as a safeguard is an illusion because, as Krebs, bias and filtering mechanisms are already “baked” at the fundamental level.
Cybersecurity and national security leaders agree that Deepseek-R1 is the first of many models with exceptional and low cost that we will see from China and other nation states that impose control of all the data collected.
In a nutshell: Where the open source has been seen for a long time as a democratizing force in the software, the paradox that creates this model shows how easily a statement can be armed with the open source at will if you wish.
Source link
