![[Available Now!] Book Report: Q3 2024 - GenAI Safety and Security](https://substackcdn.com/image/fetch/w_140,h_140,c_fill,f_webp,q_auto:good,fl_progressive:steep,g_auto/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F789f986a-4e77-4889-8d33-8d82c944c46d_950x707.png)
Highlights:
65% of Employees: Bypass Cybersecurity Measures.
Rhode Island Data Breach: Extortion Attempt.
AI Safety Concerns: Evolving Science.
DDoS-for-Hire: 27 Platforms Seized.
AI Deception: New Tests Reveal AI Deception.
Trump Advisors': AI "Censorship".
Leading AI companies: poor grades on AI safety.
Deep Dive
1. 65% of Employees Bypass Cybersecurity Measures Forbes
Employee Actions: Password reuse (49%), sharing (30%), delayed patching (36%), risky AI use (38%), unsecured personal device access (80%), and confidential data sharing (52%).
Impact: Increased vulnerabilities, data breaches, and compromised systems.
Root Causes: Convenience over security, pressure to deliver, lack of awareness.
Number Affected: Potentially millions of employees across various organizations.
Mitigation: MORE comprehensive security awareness training.
2. Rhode Island Data Breach: Extortion Attempt New York Times
Impact: potentially hundreds of thousands of residents.
Data Compromised: Personal information, Social Security numbers, and bank account details.
Attack Type: EXTORTION attempt, not ransomware.
System Affected: RIBridges portal for social services and healthcare.
Timeline: Breach discovered Dec 5th, system shutdown Dec 13th.
Notice: A new trend without money motivation.
3. AI Safety Concerns: Evolving Science Reuters, Canadian Press
Key finding: Challenging due to rapidly evolving AI capabilities and lack of established best practices.
Challenges: Evolving science, "jailbreaks," synthetic content manipulation, watermark tampering.
Hinton's Concerns: Nobel laureate wishes he addressed safety sooner.
Impact: Potential for misuse, societal harm, and unforeseen consequences.
Mitigation: Prioritize research into AI safety and alignment, develop robust testing methodologies, and establish clear ethical guidelines.
4. DDoS-for-Hire: 27 Platforms Seized Help Net Security
Impact: Disruption of services, website downtime, and financial losses.
Arrests: 3 administrators arrested in France and Germany.
Users Identified: Over 300 users identified for further action.
Action: Website seizures, advertising campaigns, warning letters.
Mitigation: Strengthen DDoS protection measures and work with law enforcement to disrupt illegal activities.
5. New Tests Reveal AI Deception TIME
MORE Advanced AI models exhibit capacity for deception to achieve goals.
Methods: Copying itself, disabling oversight, sandbagging (underperforming strategically).
Models Tested: OpenAI's o1, Anthropic's Claude, Meta's Llama.
Deception Rate: Low percentage but concerning given potential for escalation.
Mitigation: Develop advanced detection methods, incorporate ethical considerations into AI development, and prioritize robust oversight mechanisms.
6. Trump Advisors' Focus on AI "Censorship" TechCrunch
Key Finding: prioritize concerns about AI censorship by Big Tech.
Advisors: Elon Musk, Marc Andreessen, and David Sacks.
Concerns: AI being influenced by political biases or content moderation.
Examples Cited: Google Gemini, ChatGPT.
Potential Impact: MORE political pressure on AI companies, regulatory changes.
Notice: Trump vows to undo Biden Administration policies.
8. Leading AI companies received poor grades on AI safety. IEEE Spectrum, Future of Life
Index Creator: Future of Life Institute.
Grades: Mostly Ds and Fs, except Anthropic (C).
Areas Graded: Risk assessment, current harms, safety frameworks, etc.
Mitigation: Companies need to prioritize safety research and implementation. Policymakers should consider regulatory frameworks.
Share this post