Sella Nevo, director of the Meselson Center at RAND and seasoned information scientist, dives into the critical issue of securing frontier AI models. He discusses high-stakes examples of cybersecurity breaches, emphasizing how easily model weights can be targeted by rogue states and hackers. With compelling insights on human intelligence manipulation and supply chain vulnerabilities, Sella underscores the pressing need for improved defensive strategies. He also highlights his innovative machine learning work in flood forecasting, a game changer for disaster management.
02:08:29
forum Ask episode
web_stories AI Snips
view_agenda Chapters
auto_awesome Transcript
info_circle Episode notes
insights INSIGHT
Categories of Threat Actors
Different actors, from amateurs to nation-states, target AI model weights.
Their resources and capabilities vary, requiring tiered security measures.
volunteer_activism ADVICE
Securing ML Infrastructure
Secure machine learning infrastructure by addressing vulnerabilities and malicious code execution.
Be aware of zero-day exploits and nation-state actors who may exploit them.
volunteer_activism ADVICE
Mitigating Insider Threats
Reduce insider threats by limiting access to model weights and fostering a security-conscious culture.
Be wary of human intelligence collection through bribery, value alignment, or extortion.
Get the Snipd Podcast app to discover more snips from this episode
"Computational systems have literally millions of physical and conceptual components, and around 98% of them are embedded into your infrastructure without you ever having heard of them. And an inordinate amount of them can lead to a catastrophic failure of your security assumptions. And because of this, the Iranian secret nuclear programme failed to prevent a breach, most US agencies failed to prevent multiple breaches, most US national security agencies failed to prevent breaches. So ensuring your system is truly secure against highly resourced and dedicated attackers is really, really hard." —Sella Nevo
In today’s episode, host Luisa Rodriguez speaks to Sella Nevo — director of the Meselson Center at RAND — about his team’s latest report on how to protect the model weights of frontier AI models from actors who might want to steal them.
Real-world examples of sophisticated security breaches, and what we can learn from them.
Why AI model weights might be such a high-value target for adversaries like hackers, rogue states, and other bad actors.
The many ways that model weights could be stolen, from using human insiders to sophisticated supply chain hacks.
The current best practices in cybersecurity, and why they may not be enough to keep bad actors away.
New security measures that Sella hopes can mitigate with the growing risks.
Sella’s work using machine learning for flood forecasting, which has significantly reduced injuries and costs from floods across Africa and Asia.
And plenty more.
Also, RAND is currently hiring for roles in technical and policy information security — check them out if you're interested in this field!
Chapters:
Cold open (00:00:00)
Luisa’s intro (00:00:56)
The interview begins (00:02:30)
The importance of securing the model weights of frontier AI models (00:03:01)
The most sophisticated and surprising security breaches (00:10:22)
AI models being leaked (00:25:52)
Researching for the RAND report (00:30:11)
Who tries to steal model weights? (00:32:21)
Malicious code and exploiting zero-days (00:42:06)
Human insiders (00:53:20)
Side-channel attacks (01:04:11)
Getting access to air-gapped networks (01:10:52)
Model extraction (01:19:47)
Reducing and hardening authorised access (01:38:52)
Confidential computing (01:48:05)
Red-teaming and security testing (01:53:42)
Careers in information security (01:59:54)
Sella’s work on flood forecasting systems (02:01:57)
Luisa’s outro (02:04:51)
Producer and editor: Keiran Harris Audio engineering team: Ben Cordell, Simon Monsour, Milo McGuire, and Dominic Armstrong Additional content editing: Katy Moore and Luisa Rodriguez Transcriptions: Katy Moore
80,000 Hours Podcast 