US AI Secrets at Risk: National Security Experts Demand Stronger Protections Against Foreign Espionage

To go back to this article, head to My Profile and then click on View saved stories.

By Paresh Dave

American Security Specialists Caution That AI Leaders Are Falling Short in Safeguarding Their Intellectual Property

In the previous year, the White House successfully negotiated a significant agreement focused on safety with leading AI firms, such as Google and OpenAI. This agreement required these companies to thoroughly evaluate potential risks associated with their developments, including technologies similar to ChatGPT. However, a past adviser on domestic policy to President Biden, instrumental in crafting this agreement, has now voiced concerns that AI companies must intensify their efforts in securing their proprietary technologies from potential threats, notably China.

"Susan Rice, who exited her role at the White House last year, expressed concerns about China's intentions to capitalize on America's advancements. Speaking at a Stanford University event organized by the Institute for Human-Centered AI on Wednesday, she addressed the challenges in AI and geopolitics. Rice highlighted that China might resort to acquiring and adapting our top open-source models or resorting to espionage to access our most guarded information. She emphasized the importance of considering all possible strategies to maintain our lead, expressing apprehension that we might be falling behind in terms of security."

The issues highlighted by Rice, who previously served as the national security adviser under President Obama, are based on actual events. In March, the US Justice Department revealed that it had filed charges against an ex-Google software engineer. The charges accuse him of illicitly taking confidential information about the company's TPU AI chips with the intention of utilizing them in China.

At the time, legal authorities cautioned that this instance might be among numerous attempts by China to engage in unfair competition within the so-called AI arms race. Officials from the government and security analysts are concerned that sophisticated AI technologies might be misused to create highly realistic deepfakes for effective disinformation efforts, or to develop formulas for powerful biological weapons.

Not all AI developers and researchers concur that their code and other elements require safeguarding. Certain individuals believe that the current models are not advanced enough to necessitate strict controls, and organizations like Meta, which are working on open source AI models, disclose a significant amount of their work despite recommendations from officials like Rice to keep it secure. Rice admitted that imposing tighter security could potentially disadvantage US companies by reducing the number of individuals contributing to the enhancement of their AI technologies.

The focus on ensuring the security of AI models is gaining momentum. Recently, the American research institution RAND released a study highlighting 38 potential vulnerabilities in AI projects that could lead to the disclosure of confidential information, such as through corruption, unauthorized access, or the manipulation of hidden vulnerabilities.

RAND suggested that businesses should motivate employees to alert authorities about any peculiar activities observed among coworkers and restrict access to highly confidential information to a limited number of staff members. The emphasis was placed on protecting model weights, which are the parameters within an artificial neural network adjusted throughout the training process to equip it with capabilities, for instance, enabling ChatGPT to answer queries.

In a comprehensive executive directive on AI issued by President Biden last October, the US National Telecommunications and Information Administration is anticipated to publish a report this year that examines the advantages and disadvantages of maintaining confidentiality over model weights. This directive mandates that firms working on sophisticated AI models must inform the US Commerce Department about the "physical and cybersecurity precautions implemented to safeguard those model weights." Additionally, according to a report by Reuters last month, the US is contemplating implementing export restrictions to limit the sale of AI technologies to China.

Authored by Matt

Authored by Matt

By Megan Farokhmanesh

Authored by Joseph

In statements made to the NTIA before its report, Google anticipated a rise in efforts to interfere with, compromise, mislead, and pilfer models. However, it highlighted that its confidential information is protected by a “security, safety, and reliability organization” comprised of engineers and researchers of the highest caliber. Furthermore, Google mentioned it is developing "a framework" that includes forming a committee of experts to oversee the access to models and their weights.

Similar to Google, OpenAI communicated to the NTIA that depending on the situation, there is a requirement for a mix of both transparent and proprietary approaches. OpenAI, the creator of technologies like GPT-4 and applications including ChatGPT, recently established a dedicated security panel within its governance structure and shared insights on its official blog regarding the safeguarding protocols for its model training processes this week. The blog entry conveyed an optimistic view that such openness would encourage other research facilities to implement safety precautions. It left unspecified the entities from which the information requires protection.

During a joint appearance at Stanford with Rice, RAND Corporation's leader, Jason Matheny, voiced similar concerns regarding vulnerabilities in security. He pointed out that the United States' strategy of employing export restrictions to limit China's access to advanced computing chips has impeded Chinese developers from creating their own versions. According to Matheny, this restriction has escalated China's efforts to directly pilfer AI technology. Matheny believes that for China, investing a modest sum in cyber espionage to acquire AI technologies, which could cost an American firm up to several hundred billion dollars to develop, is a strategic move. Matheny emphasized, "Achieving this is incredibly challenging and crucial, yet our national investment falls short of what is required."

The Chinese embassy in Washington, DC, has yet to reply to WIRED's inquiry for a response regarding allegations of theft. However, it has previously characterized similar accusations from Western authorities as unfounded and slanderous.

Google disclosed that it alerted authorities about the situation leading to the US lawsuit accusing someone of stealing AI chip technology for China. Despite Google's claims of implementing rigorous measures to protect its confidential information, legal documents reveal that it was a significant challenge for Google to apprehend Linwei Ding, a citizen of China, who has denied the federal allegations against him.

Leon, a software engineer employed by Google since 2019 to contribute to the development of its supercomputing facilities, is accused by authorities of transferring over 500 proprietary documents to his personal Google account over a period starting in 2022. According to legal documents, his method involved utilizing the Notes app on his Apple laptop to paste the confidential data, which he then converted into PDF format before uploading to external locations, successfully circumventing Google's security measures designed to prevent such unauthorized data transfers.

During the purported theft, it is claimed by the US that the worker was communicating with the CEO of a Chinese AI startup and had begun the process of establishing his own AI firm in China. Should he be found guilty, he could be sentenced to a maximum of 10 years behind bars.

Explore More…

Steer through the election period with our WIRED Politics Lab newsletter and podcast.

Skeptical that breakdancing qualifies as an Olympic sport? The global champion shares your sentiment (to some extent).

Investigators unlocked a decade-plus-old encryption key for a cryptocurrency wallet valued at $3 million

The eerie emergence of the inaugural global beauty contest for AI

Ease the strain on your spine: Discover the top office chairs we've evaluated.

Knight Will

Aarian Marshall

Name: Louise Matsakis

Matsakis, Louise

Caroline Haskins

Stuart Lawrence

Knight Will

Knight Will

Additional Content from WIRED

Insights and Tutorials

Copyright © 2024 Condé Nast. All rights reserved. Purchases made via our website might contribute to our earnings through our affiliate relationships with various retailers. Content from this site cannot be copied, shared, broadcast, stored, or utilized in any form without explicit consent from Condé Nast. Advertising Options

Choose a global website