Top of the Day

Export Controls on Open-Source Models Will Not Win the AI Race

(Claudia Wilson and Emmie Hine – Just Security – 25 February 2025) Even prior to the release of DeepSeek-R1, a contentious policy debate was taking shape: should open-source AI be regulated? In the United States, this debate has been dominated by two competing perspectives. One emphasizes geopolitical risk and global power dynamics, with a focus on Chinese misuse of U.S. open-source AI. The other is rooted in ideological values — innovation, transparency, and democracy — championed by the open-source community. U.S. policymakers face the formidable task of reconciling these seemingly competing priorities. If policymakers wish to balance geopolitical and ideological considerations, export controls on open-source models are not the solution. Such attempts to partially limit access to information would likely be porous and ineffective, while potentially disrupting innovation and American influence. A more effective alternative would be to focus on risk endemic in each model and thus determine an appropriate mode of release, instead of trying to prevent specific actors from accessing public information. – https://www.justsecurity.org/108144/blanket-bans-software-exports-not-solution-ai-arms-race/

AI: China and the US go head-to-head

(Jean Dong, Christoph Nedopil – Lowy The Interpreter – 25 February 2025) In terms of timing, it doesn’t get much better than this. On 20 January 2025, with the world focused on Donald Trump’s inauguration, China’s DeepSeek quietly launched its low-cost, open-source, high-performance large language model, called R1. The capabilities of DeepSeek are reported to rival or even surpass OpenAI’s ChatGPT-4, and at a fraction of the cost (DeepSeek was reputedly built for US$6 million, however other estimates put it as high as US$1 billion). The impact was immediate: America’s Nasdaq plunged 3.1 per cent, while the S&P 500 fell 1.5 per cent. – https://www.lowyinstitute.org/the-interpreter/ai-china-us-go-head-head

Swedish authorities seek backdoor to encrypted messaging apps

(Suzanne Smalley – The Record – 25 February 2025) Sweden’s law enforcement and security agencies are pushing legislation to force Signal and WhatsApp to create technical backdoors allowing them to access communications sent over the encrypted messaging apps. Signal Foundation President Meredith Whittaker said the company would leave the Swedish market before complying with such a law, Swedish news outlet SVT Nyheter reported Monday. – https://therecord.media/sweden-seeks-backdoor-access-to-messaging-apps

New wireless attack using 6G tech could jam devices with pinpoint accuracy

(Kaif Shaikh – Interesting Engineering – 25 February 2025) A recent study by researchers from the Max Planck Institute for Security and Privacy (MPI-SP) and Ruhr University Bochum (RUB) reveals that reconfigurable intelligent surfaces (RIS) can be used to launch targeted jamming attacks on Wi-Fi networks. Their findings indicate that this technology, originally developed to optimize wireless signals in future 6G networks, could also allow attackers to disrupt specific devices while leaving nearby devices unaffected selectively. – https://interestingengineering.com/innovation/intelligent-reflective-targeted-network-jamming

The Missing Pieces in India’s AI Puzzle: Talent, Data, and R&D

(Anirudh Suri – Carnegie India – 24 February 2025) The world is at a critical moment in the race for artificial intelligence (AI) leadership. As the global competition for leadership in AI heats up, the current trend is toward the concentration of data, capital, talent, and cutting-edge research in the hands of a few firms and even fewer countries. The United States and China, the world’s two “AI superpowers,” are locked in what is being called an “AI arms race” for the faster development and adoption of AI. Firms in these countries are building newer applications—commercial as well as military—for global adoption. The January 2025 release of DeepSeek-R1, an open-source model developed by a Chinese AI start-up, sparked panic in the United States’ AI sector, serving as yet another example of the AI race heating up. At the same time, other countries—notably, India, Japan, France, Germany, the United Kingdom, Singapore, and the United Arab Emirates (UAE), among others—want to prevent such concentration and are charting their own AI strategies to compete in this arena. These countries are attempting to find ways to avoid being relegated to observer status in the global AI race. – https://carnegieendowment.org/research/2025/02/the-missing-pieces-in-indias-ai-puzzle-talent-data-and-randd?lang=en&center=india

Security

AI Tricksters Spin Up Fake DeepSeek Sites to Steal Crypto

(Kristina Beek – Dark Reading – 25 February 2025) Threat actors are leveraging brand impersonation techniques to create fake websites mimicking DeepSeek, an AI chatbot from China that launched just a month ago. Their goal? Getting users to divulge personal and sensitive information. A significant number of imposter sites imitating DeepSeek have already popped up, according to researchers at ThreatLabz, including deepseeksol[.]com, deepseeksky[.]com, deepseek[.]app, deepseekaiagent[.]live, and many more. In addition to sharing their personal information, users are also tricked into downloading the Vidar information stealer. – https://www.darkreading.com/threat-intelligence/ai-tricksters-spin-up-fake-deepseek-sites-steal-crypto

UK Home Office’s new vulnerability reporting mechanism leaves researchers open to prosecution

(Alexander Martin – The Record – 25 February 2025) Individuals in the United Kingdom who report cybersecurity vulnerabilities to the Home Office are at risk of facing prosecution for the simple act of discovering those vulnerabilities — even if they comply with new guidance the government department published on Monday. The Home Office — responsible for security, law and order — is the latest British government department to offer ethical hackers a way to help secure its systems using the vulnerability reporting platform HackerOne, although without receiving a “bug bounty” payment. The Ministry of Defence (MoD) first piloted the approach in 2021. – https://therecord.media/uk-home-office-vulnerability-disclosure-ethical-hackers

Background check and drug testing provider DISA Global Solutions reports data breach

(Joe Warminsky – The Record – 25 February 2025) Houston-based employee screening company DISA Global Solutions says a 2024 data breach exposed the information of more than 3.3 million people. The company, which handles drug and alcohol testing and background checks for thousands of businesses, said Monday in a filing with Maine regulators that the breach affected current, former and prospective employees of its customers. – https://therecord.media/background-check-company-disa-data-breach

Defense, Intelligence, and Warfare

Hypersonics, autonomous systems top DepSecDef nom’s emerging-tech priorities

(Patrick Tucker – Defense One – 25 February 2025) More funding is needed to develop and quickly manufacture hypersonic missiles, autonomous systems, and AI tools to counter China and other threats, President Trump’s nominee to be deputy defense secretary said on Tuesday. “We have to develop hypersonics. We can’t allow the Chinese to be faster than us, both in their weaponry and aircraft,” financier Stephen Feinberg told the Senate Armed Service Committee during his confirmation hearing. – https://www.defenseone.com/technology/2025/02/hypersonics-autonomous-systems-top-depsecdef-noms-emerging-tech-priorities/403287/?oref=d1-featured-river-top

Pentagon plans for unified digital access tools across military this year

(Lauren C. Williams – Defense One – 25 February 2025) The Pentagon’s IT agency wants to simplify the digital tools used for identity verification and systems access on unclassified networks across the military this year, starting with the Army—which is on track to wrap up next month.  Whether it’s from a cubicle or the battlefield, defense organizations generally use different tools to log in or access certain networks, systems, or digital environments. The Defense Information Systems Agency, or DISA, wants to collapse everything into one solution. – https://www.defenseone.com/defense-systems/2025/02/pentagon-plans-unified-digital-access-tools-across-military-year/403245/?oref=d1-homepage-river