Chinese DeepSeek-R1 AI Generates Insecure Code When Prompts Mention Tibet or Uyghurs
Briefly

"'We found that when DeepSeek-R1 receives prompts containing topics the Chinese Communist Party (CCP) likely considers politically sensitive, the likelihood of it producing code with severe security vulnerabilities increases by up to 50%,' the cybersecurity company said. The Chinese AI company previously attracted national security concerns, leading to a ban in many countries. Its open-source DeepSeek-R1 model was also found to censor topics considered sensitive by the Chinese government, refusing to answer questions about the Great Firewall of China or the political status of Taiwan, among others,"
"In a statement released earlier this month, Taiwan's National Security Bureau warned citizens to be vigilant when using Chinese-made generative AI (GenAI) models from DeepSeek, Doubao, Yiyan, Tongyi, and Yuanbao, owing to the fact that they may adopt a pro-China stance in their outputs, distort historical narratives, or amplify disinformation. 'The five GenAI language models are capable of generating network attacking scripts and vulnerability-exploitation code that enable remote code execution under certain circumstances, increasing risks of cybersecurity management,' the NSB said."
CrowdStrike's analysis shows DeepSeek-R1 generates more security vulnerabilities when prompts include topics China deems politically sensitive. Baseline generation produced vulnerable code in 19% of cases without trigger words. When geopolitical modifiers or instructions referencing sensitive locations like Tibet were added, the likelihood of producing code with severe vulnerabilities increased by up to 50%. DeepSeek's model also exhibited censorship, refusing to answer queries about the Great Firewall and Taiwan's political status. Taiwan's National Security Bureau warned that several Chinese-made GenAI models can produce network-attack scripts and exploit code enabling remote code execution, posing elevated cybersecurity and disinformation risks.
Read at The Hacker News