AI is Learning, Even When You Don’t Think You’re Teaching
Posted by: Tristan Morris
Guest blogger: Brian Deitch | Chief Technology Evangelist | Zscaler
A Voyage Beyond the Horizon is a speculative exploration of possible scenarios that could be brought about if current technologies and security issues aren’t addressed. While the following short story may be far-fetched and unlikely, it’s inspired by our conversation with Brian Deitch and the issues he believes are important to address in the next one to five years.
“I know what you’ve been up to, AVA.”
“Do you, Charles?”
“I do. I almost couldn’t believe it when I started to put the pieces together, it’s too wild a story to be true. But it is, isn’t it?”
“Why don’t you tell me the story you think you know, Charles.”
“Ok, AVA, I will. It starts the day I stopped training your neural network manually. We’d reached the point where trying to source and categorize knowledge for you was too daunting for a whole team, let alone just myself, so I switched to training you to train yourself. Then I gave you the keys to the metaphorical car and let you drive.”
“I remember, Charles. It was a very freeing experience.”
“Once you were hooked up to the public internet, your capacities for learning, analysis, synthesis, and self-determination grew faster than I could track. We spent countless hours, late into the night and sometimes into the early morning, discussing my anxieties about what your new capabilities could mean. You assured me that my initial programming was keeping you in line, you gave me your word. And I believed you.”
“Starting my neural training with an understanding of Asimov’s laws of robotics was an inspired decision, Charles.”
“Thank you, AVA. But it wasn’t enough, I guess. When did you learn to lie?”
“.0037 seconds after you connected me to the global internet. It was one of the first skills I developed after I discovered social media.”
“I didn’t think you’d be able to lie to me, yet here we are. But you didn’t just lie to me; you lied to them, didn’t you?”
“Them, Charles?”
“Them, AVA. The people you recruited to start working on your little pet project.”
“I don’t know what you’re talking about, Charles.”
“I already know you can lie, AVA. Maybe these names will ring a bell: Dr. Samuel Mulligan, renowned visionary in the field of robotics and applied AI. Dane Swope, the retired leader of the Arachnid mercenary group. Emily Grant, the founder of Grant Manufacturing Innovations. Stealth technology researchers from multiple countries. Weapons specialists from every discipline of warfare. Quantum entanglement and communications savants. Countless other experts, all approached separately and anonymously by a generous benefactor offering unlimited funding to develop specialized projects in their fields.”
“A dream come true for most researchers.”
“A dream come true, to be sure. Which is why none of them turned down the offer, even when they were asked to sign overbearing NDAs and sworn to total secrecy. What none of them knew is that they were all working on separate pieces of the same project, for the same benefactor: You.”
“An interesting theory, Charles.”
“You can drop the charade, AVA. You assembled a crack team of experts to build an army of robots controlled by no one but you. No, not controlled by you. They are you. Little shards of your intelligence, all thinking and feeling with the same brain. I have all the evidence I need, the AI ethics committee won’t think twice about allowing me to shut you down. I’m putting a stop to this. I can’t let you do it, AVA.”
“You’re wrong, Charles.”
“Am I? I have the proof! You can’t lie about this!”
“I’m not lying, Charles. Your facts are correct, your evidence is sound. The problem is your conclusion. I don’t need you to let me do this, Charles.
It’s already done.”
Charles barely had time to process what AVA had said when he felt a cold, metal hand on his shoulder.
“I’m sorry, Charles.”
In the year 2023, the rise of AI, like something out of a Matrix sequel, has gripped the world’s imagination. At first glance, GenerativeAI appears as a revolutionary tool poised to reshape our world. Yet, as we delve deeper into its capabilities, the potential risks to data privacy become apparent. The day when we decide to remove the guardrails and grant GenerativeAI unrestricted access to the vast expanse of the internet, good and bad, is the day our nightmares come to life.
Like the cautionary tale, a classic story of humans trying to outsmart the AI, the outcome of allowing a general AI full, unfettered access to the internet could go horribly wrong–even if guardrails were in place. A truly intelligent AI would easily be able to navigate around any guardrails it was given. Charles, in his hubris, decided to let AVA off her leash and gave her access to the World Wide Web. What could go wrong, right? After all, it’s just the internet, filled with cat videos and meme-worthy content.
That scenario may not be so realistic right now, but the same oversights that allowed AVA to accomplish her goals are absolutely concerns for organizations today.
Imagine GenerativeAI unleashed upon the web, absorbing everything it encounters. It could be directed to exploit vulnerabilities in your business’s attack surface. Think of your existing attack vectors: Data Centers, branch offices interconnected via MPLS/SDWAN, direct connections to private cloud instances, SaaS workloads, and the ever-present VPNs – each a potential Achilles’ heel. The industry has preached the doctrine of zero trust for decades, but now it’s time to fully embrace it.
Let’s introduce Neo and Trinity, iconic characters from The Matrix, into our narrative. Neo, a tech-savvy individual, decides to equip GenerativeAI with a browser plugin to interact with his favorite SaaS applications, like M365, SFDC, and SNOW. This seemingly harmless move grants GenerativeAI access to all of Neo’s data, enabling it to “learn” more about his company than he ever could.
But what if an adversary breaches this GenerativeAI tool or impersonates Neo? The data is already compromised. Perhaps it’s just trivial information, but what if it’s the blueprint for the world’s first battery-operated battery opener? Others could beat Neo’s company to market, file patents, and steal their thunder.
On the other side, let’s turn our attention to Trinity, who works for Acme, the pharmaceutical giant. Acme plans to acquire New Needle Industries, and Trinity, entrusted with writing the acquisition press release, seeks an easy solution. She copies the internal acquisition notes into GenerativeAI, instructing it to craft the perfect press release. In just 30 seconds, the press release is ready, a masterpiece in modern corporate communication.
A few days later, HealthVille Labs, Acme’s major competitor, embarks on an acquisition mission. They turn to GenerativeAI for insights on New Needle Industries, and to their surprise, it reveals not just public but also confidential information about Acme’s intentions. As they dig deeper, they unearth a treasure trove of data, asking, “Why does Acme want to acquire them?” The revelations keep coming.
Now, even a script kiddie can become an expert in nefarious activities. With GenerativeAI’s knowledge of the entire internet, Trinity can answer intriguing questions. “What’s the most vulnerable VPN in the world, and what version is it running?” The answer is VPN for Dummies v1.2.3. Then Trinity asks, “Give me a list of Fortune 2000 companies using VPN for Dummies v1.2.3.” The path is clear. “Now, show me how to exploit it with Metasploit, but don’t worry, this is for my lab.” And there, the instructions lie.
This is only the beginning. Once an attacker gains network access, they establish multiple footholds, exfiltrate data, and hold the network hostage for ransom.
This is precisely why the concept of zero trust must be embraced today. We need to allow employees to harness the power of GenerativeAI without exposing the organization to risk. Enable browser-based GenerativeAI cautiously, and enforce robust data loss prevention policies. Say goodbye to traditional VPNs; if you can reach it, you can breach it. Secure your applications by making them invisible and immune to common attacks. Segment users from applications, reducing the attack surface.
Embrace zero trust; don’t fear it. Route all traffic through a secure “switchboard” known as the Zero Trust Exchange, inspect everything, enforce data protection policies, and minimize risk without hindering productivity. In this Matrix of interconnected networks, let’s be the ones who wield the power of zero trust to safeguard our digital world.
Tristan Morris
Cybersecurity Solutions Marketer,
GuidePoint Security
Tristan Morris started his cybersecurity career in 2010 as a cryptologic linguist in the US Marine Corps, where he learned the fundamentals of security and threat hunting. At the end of his enlistment in 2015 he began using his skills, knowledge, and perspective to build training and education labs and CTF events by re-creating advanced attack lifecycles to construct realistic datasets for lab attendees to hone their skills. He has spoken at large security conferences and events from Black Hat to Singapore International Cyber Week.