Cybersecurity Is Critical to Preserve American Leadership in AI

Another example of cyber espionage against American targets was disclosed last week. This time, North Korean hackers coordinated to steal military data from public and private sector entities to aid their nuclear and other defense programs. Unfortunately, stories like this don’t grab the national attention they deserve as readers have become desensitized, through volume and scope, to cyber shenanigans.

While the Center for AI Policy (CAIP) appreciates continuous federal and private sector efforts to improve and standardize America’s cybersecurity posture, a renewed vigilance is needed to mitigate hacking threats by individuals, criminal organizations, and state sponsored actors. With American personal, economic, and national security interests at stake, CAIP proposes that AI companies report their cybersecurity protocols against a set of key metrics.

Protecting dual use technology is familiar to many in both the government and the private sector. There are clear security requirements to prevent other powerful technologies from getting into the wrong hands in some areas. For instance, the Department of Defense (DoD) requires that defense contractors meet certain standards in the Cybersecurity Maturity Model Certification (CMMC) program.

The CMMC is a validation program that the DoD utilizes to verify that contractors implement and maintain cybersecurity standards appropriate to their work. The tiered system allows for rightsized cybersecurity requirements depending on the sensitivity of the work.

Given that CMMC has already been used by the private sector, it may be an appropriate standard against which AI companies can report their cybersecurity measures. Further, the tiered system, with lower thresholds for lower-risk work, could be appropriate for the range of AI labs - accommodating the significant differences in scale and the power of their systems.

Reporting on the adoption of CMMC protocols, or something similar, would be a low-touch incentive to strengthen cybersecurity safeguards. Preventing advanced technology from falling into the wrong hands is critical for public safety and national security. Moreover, it would  support economic prosperity through the protection of trade secrets, something that is in the interest of AI companies themselves.

To their credit, the private sector and AI labs are making thoughtful and coordinated progress to improve their cybersecurity measures. There are also many company specific efforts. For example, Anthropic has publicly shared their cybersecurity best practices, labeling their approach “multi-party authorization to AI-critical infrastructure design.” Microsoft has adopted the Secure Future Initiative, and Google has implemented the AI Cyber Defense Initiative. 

OpenAI’s Sam Altman summarized some of this work and the necessity of cyber security, stating:

American AI firms and industry need to craft robust security measures to ensure that our coalition maintains the lead in current and future models and enables our private sector to innovate. These measures would include cyberdefense and data center security innovations to prevent hackers from stealing key intellectual property such as model weights and AI training data.

CAIP agrees and believes that now is the time for American leadership on cybersecurity protocols. The current patchwork, while well intentioned, is insufficient. 

As a cautionary example, Operation Shady RAT was uncovered and disclosed in 2011 - five years after the cyberattack on more than 70 global companies, governments, and non-profit organizations began. It is believed that China was behind the attack, aiding in the development of military assets and undermining American economic competitive advantages.  

In a 2011 paper Revealed: Operation Shady RAT, McAfee’s Dmitri Alperovitch presciently wrote:

What we have witnessed over the past five to six years [as of 2011] has been nothing short of a historically unprecedented transfer of wealth—closely guarded national secrets (including those from classified government networks), source code, bug databases, email archives, negotiation plans and exploration details for new oil and gas field auctions, document stores, legal contracts, supervisory control and data acquisition (SCADA) configurations, design schematics, and much more has ‘fallen off the truck” of numerous, mostly Western companies and disappeared in the ever-growing electronic archives of dogged adversaries.

America must protect the intellectual properties and trade secrets developed in America and with our allies. If not, our economic and national securities interests will be imperiled, similar to those in previous operations like Shady RAT. The Administration and Congress can and should take this opportunity to demonstrate leadership on cybersecurity -  especially in AI.