Google DeepMind: The Podcast Pt.1 Beyond Phishing: Cyber Threats in the Age of AI with Four Flynn
97 snips
Oct 9, 2025 Paul Flynn, Vice President of Security at Google DeepMind, shares his insights on the evolving landscape of AI-driven cyber threats. He discusses the infamous Operation Aurora and the shift from server-side to client-side attacks, emphasizing the need for zero trust practices. Flynn highlights how LLMs can create polymorphic malware and risks like prompt injection. He also introduces initiatives like Project Big Sleep, which uses AI to discover vulnerabilities, and Project Mender for automating secure patches, showcasing Google's unique position in enhancing cybersecurity.
AI Snips
Chapters
Transcript
Episode notes
Fish Tank Thermostat As A Pivot
- Paul Flynn cites the Las Vegas casino fish-tank thermostat as a real IoT pivot example.
- Attackers used the poorly secured device to gain network foothold and move to sensitive systems.
Why Zero-Days Keep Security Awake
- Zero-day vulnerabilities remain the scariest risk because they can defeat fully patched systems.
- Defense-in-depth and modern OS mitigations make exploitation harder but don't eliminate latent risk.
Non-Determinism Breaks Old Assumptions
- LLMs differ from traditional deterministic systems because they produce non-deterministic outputs.
- This non-determinism creates new security challenges for defenders accustomed to predictable behavior.