SOC Analysts – Reimagining Their Role Using AI
January 31, 2025
Since DeepSeek burst the bubble of American AI chauvinism, praise for the Chinese company’s AI model R1 has been tempered by accusations of unfair competition.
The scandal will increase the tech community’s awareness of security issues, and maybe its expenditures.
According to OpenAI, it was “examining indications” that DeepSeek used OpenAI’s unlawful data to build its model. According to a Bloomberg story yesterday, the U.S. Department of Commerce is investigating whether DeepSeek used third parties in Singapore to circumvent U.S. export restrictions and acquire cutting-edge processors from Nvidia NVDA-3.67%.
The Department of Commerce did not answer Barron’s questions, and DeepSeek has not responded to U.S. media inquiries.
The White House national security advisor Michael Waltz was urged by the leaders of the House Select Committee on the Chinese Communist Party on Thursday to impose stringent licensing requirements on Singapore unless it agreed to impose stricter regulations on transshipments to China.
Committee chairman John Moolenaar (R., Mich.) and ranking member Raja Krishnamoorthi (D., Ill.) wrote a public letter stating that Singapore accounted for 22% of Nvidia’s sales in its most recent quarterly statement.
According to DeepSeek, it built its striking model using the simplified H800 chip that Nvidia created in order to abide by the first export restrictions in 2022. Later, in 2023, the rules were updated to prohibit exports of such chip.
According to Nvidia, it has always demanded that users follow US regulations.
According to a statement from Nvidia, “We insist that our partners comply with all applicable laws, and if we receive any information to the contrary, act accordingly.” Revenue billed to Singapore, according to the chip manufacturer, does not always signify a breach of export regulations. “A lot of our clients use Singaporean business entities to sell goods that are going to the United States and the West.”
The congressmen also suggested that the Commerce Department add the H20, another Nvidia processor, to the restricted list and update its export regulations more regularly. Before U.S. prohibitions on shipments to the People’s Republic of China started, DeepSeek claimed to have stocked that chip and others from Nvidia.
According to the legislators, “it is essential to regularly update export controls to ensure the PRC will not exploit regulatory gaps and loopholes to advance their AI ambitions.”
Users of DeepSeek’s R1 model have grown rapidly both domestically and internationally. AI hosting companies such as Microsoft and Amazon.com have introduced R1 to their models that clients can run on the centers’ acceleration hardware after realizing the product’s benefits. That development did not sit well with the congressmen.
They added, “We mustn’t let PRC AI systems acquire the data of U.S. users that only further enable the capabilities of the AI system while gaining a significant market share in the United States.”
The legislators pointed out that DeepSeek warns customers that it might keep personal data on servers located in China. They said that federal laws should prohibit government organizations from purchasing AI systems that are based on Chinese models, such as DeepSeek, and from using them in vital infrastructure.
This week, industry professionals also offered their opinions on the security issues associated with DeepSeek.
DeepSeek’s software was examined to determine if malevolent actors might use it to develop code for data theft and other types of mischief, or for the information to build a “Molotov cocktail,” according to a note from the Unit 42 research group at the cybersecurity company Palo Alto Networks. According to the researchers, they were able to accomplish all of these goals.
To prevent the dangers of utilizing DeepSeek, Palo Alto encouraged readers to think about its security services and products. The risks were acknowledged by other consultants. According to a report by the company Enkrypt AI, DeepSeek is 11 times more likely to produce hazardous output and four times more prone to producing unsecured computer code than OpenAI’s o1 model. The likelihood of DeepSeek responses breaking federal fairness and discrimination laws was three times higher than that of Anthropic’s claude-3-opus responses.
