Recently, Meta chief Mark Zuckerberg, a crusader for open-source models, emphasised the safety aspects of the models. “There is an ongoing debate about the safety of open-source AI models, and my view is that open-source AI will be safer than its alternatives. I think governments will conclude it’s in their interest to support open source because it will make the world safer and more prosperous,” he said.
However, open-source platforms are not immune to data threats. With cybersecurity incidents on the rise, and over 343 million victims reported last year alone, the focus is back on data security, especially with AI in the picture.
“One of the biggest challenges today is the new field of AI and finding how attackers are going to use AI to attack us. We take a step, the attackers take a step. It’s a never-ending game and the gap is minimising. I can’t predict what’s going to happen next year because this technology is developing exponentially,” said Jossef Harush Kadouri, the head of supply chain security at Checkmarx, in an exclusive interaction with AIM at the recent Accel Cybersecurity Summit.
Cyber Attacks on Open Platforms
Kadouri, who works out of Tel Aviv, Israel, is in charge of protecting enterprises against software supply chain attacks. He previously served in the Israel Defense Forces’ cybersecurity wing for over four years. He currently ranks in the top 1% of users on Stack Overflow.
Alluding to how high ratings do not mean a package is safe from malicious tampering, even on platforms such as GitHub and Hugging Face, Kadouri said, “Now, if you ever thought that popular packages are safer, not necessarily.
Attackers focus on those assets to deliver immediate attacks,” he said, pointing to typosquatting, where Python developers are targeted through registered misspelled versions of popular packages such as Selenium.
“Once we investigated the actual code executed in this malicious package, this code was highly cryptic, obfuscated, hard to read and understand, and it’s executed upon installation,” warned Kadouri. Over 900 packages containing obfuscated code that executes upon installation were revealed.
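A defender-side check for the typosquatting Kadouri describes, added here as an example and not taken from the article or from Checkmarx: it normalises the dependency names in a requirements file and flags any name that is a near-miss (small edit distance) of a popular package without being an exact match. The popular-package list and the sample requirements are constructed for the example; a real deployment would load a curated top-N list from the registry.

```python
import re
from typing import Iterable, List, Tuple

# Constructed allow-list of popular PyPI names (assumption: in practice this
# would be a curated top-N list pulled from the registry, not a hand-typed set).
POPULAR_PACKAGES = {"selenium", "requests", "numpy", "pandas", "urllib3", "django", "flask"}

# Constructed sample requirements file: two lookalikes slipped in among real names.
SAMPLE_REQUIREMENTS = [
    "selenium==4.20.0",
    "selenuim            # one transposition away from selenium",
    "requets>=2.0        # one deletion away from requests",
    "numpy",
    "colorama",
]

def normalize(name: str) -> str:
    """PEP 503 name normalisation: case-fold and collapse runs of '-', '_', '.' to '-'."""
    return re.sub(r"[-_.]+", "-", name).lower()

def levenshtein(a: str, b: str) -> int:
    """Plain edit distance (insert/delete/substitute each cost 1)."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def typosquat_candidates(requirements: Iterable[str], known=POPULAR_PACKAGES,
                         max_distance: int = 2) -> List[Tuple[str, str, int]]:
    """Return (requested_name, lookalike_popular_name, distance) for every
    requirement whose normalised name is close to, but not equal to, a known package."""
    findings = []
    for line in requirements:
        spec = line.split("#", 1)[0].strip()          # drop comments
        if not spec:
            continue
        name = re.split(r"[<>=!~;\[ ]", spec, maxsplit=1)[0]   # strip version/extras/markers
        norm = normalize(name)
        if norm in known:                              # exact match is fine
            continue
        for pkg in known:
            d = levenshtein(norm, pkg)
            if 0 < d <= max_distance:
                findings.append((name, pkg, d))
    return findings

if __name__ == "__main__":
    for requested, lookalike, dist in typosquat_candidates(SAMPLE_REQUIREMENTS):
        print(f"SUSPICIOUS: {requested!r} is {dist} edit(s) from popular package {lookalike!r}")
```

Unrelated names such as `colorama` are left alone, so the check produces review prompts rather than blocking every unfamiliar dependency.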
Hugging Face is the Disneyland of Open-Source Models
Popular developer platforms such as GitHub and Hugging Face have not been free of all kinds of threats. Though Hugging Face is taking active measures to prevent backdoor threats, the platform is susceptible to model-based attacks.
“Hugging Face is like the Disneyland of LLM, open-source models, and pre-trained models,” said Kadouri.
Various forms of cyber attacks are continuously taking place on these platforms. Malicious browser extensions are another common route through which hackers syphon off money.
In the context of cryptocurrency transfers, users typically copy and paste wallet addresses to avoid errors. It was revealed that a malicious browser extension could alter the copied address, potentially redirecting crypto funds to a different wallet.
“This is how sophisticated the attacks are. You would only realise it once it’s too late. You can’t undo a crypto transaction,” said Kadouri.
Cyber Threat Awareness
With cyber attack cases rising, one of the biggest needs of the hour is awareness. “I think what we need to do is educate and raise awareness that we have bad guys operating in this attack surface,” said Kadouri, who supports the open platform model that enables developers to build products, but is wary of its apparent risks.
“It’s a good thing to do, but they [platforms] also don’t vet the content they host. So this is why we need to stay alert to things that may look legitimate, but are not. Because, anyone can contribute fresh new content to open source and disguise it as something that is well worth it,” he said.
Interestingly, Rahul Sasi, the co-founder and CEO of CloudSEK, an AI-powered digital risk management enterprise, echoed similar sentiments.
Speaking about a recent breach of an Indian telecom operator’s user data (without naming the company), Sasi said that companies don’t acknowledge such incidents, which is a problem that hinders cybersecurity awareness.
“I mean, the problem with this company is that they also don’t understand. Or many times the security teams understand, but then there is high pressure on the top management not to accept it,” said Sasi, in an exclusive interaction with AIM.
“Things have improved in the last 10 years. But, it hasn’t reached where it should. In my perspective, maybe in another 10 years it hopefully will. The media also has a role to play here. If you try to blame somebody, they’ll always try to defend,” he said.
With AI entering the cybersecurity scene, optimism runs high. Kadouri, however, is not fully convinced.
AI in Cyberattacks
Speaking about how AI has added to cyberattacks through deep-fake technology, for instance, Kadouri still “wants to believe” that AI might be a problem-solver too.
“I can definitely see AI helping us defenders do our jobs better, reduce manual labour and automate things. But, if they’re [cyber attackers] so good at fooling human beings, they’re probably going to be good at fooling AI too,” he said.
“I mean, time will tell,” he concluded.