Network security Archives | Page 138 of 199

DeepSeek’s use of Nvidia chips raises security concerns in Washington

Pressure is mounting on the Trump administration to impose stricter export controls on Nvidia’s AI chips following concerns over China’s DeepSeek. A bipartisan call from lawmakers John Moolenaar and Raja Krishnamoorthi urges officials to assess the national security risks linked to the firm’s reliance on advanced US technology.

A letter addressed to National Security Advisor Michael Waltz highlights that DeepSeek’s latest AI model has extensively used Nvidia’s H20 chips, which remain outside current export restrictions. The request forms part of a wider review into US export policies in response to strategic threats.

Concerns in Washington are growing over China’s rapid AI advancements, with the US House of Representatives warning against using DeepSeek’s technology. Officials fear AI could bolster cyber threats or facilitate bioweapons development, leading to increasing efforts to limit China’s access to cutting-edge chips.

Nvidia has stated that its products fully comply with US regulations and expressed willingness to work with authorities. Reports indicate that Trump’s administration is already considering new restrictions on H20 chip exports to China as part of its evolving AI security strategy.

French privacy watchdog to investigate DeepSeek AI over data concerns

France‘s data protection authority, the CNIL, announced it will question DeepSeek to better understand how the Chinese company’s AI system operates and assess potential privacy risks for users. The move comes as European regulators intensify scrutiny of AI, following concerns raised by Italy and Ireland over DeepSeek’s handling of personal data.

DeepSeek recently gained international attention after revealing its latest AI model, DeepSeek-V3, was trained using less than $6 million worth of Nvidia H800 computing power. European authorities have been particularly vigilant about data protection, with the EU’s General Data Protection Regulation (GDPR) setting stringent standards for privacy. Under GDPR, violations can result in fines of up to 4% of a company’s global turnover.

The CNIL’s investigation follows a broader European push to regulate AI technology, with new rules imposing strict transparency obligations on high-risk AI systems. Other countries, such as Italy and Ireland, have also launched inquiries into DeepSeek, reflecting growing concerns over AI’s implications for data privacy across the continent.

DeepSeek data exposed online before swift removal

A cybersecurity firm Wiz has discovered that Chinese AI startup DeepSeek inadvertently exposed sensitive data online. New York-based Wiz found more than a million lines of unsecured information, including digital software keys and chat logs capturing user interactions with the company’s AI assistant.

DeepSeek acted swiftly to secure the data after Wiz reported the issue. The company’s chief technology officer noted that the exposure was easy to find, raising concerns that others may have accessed the information before it was taken down. DeepSeek has not commented on the incident.

The startup has gained rapid popularity, with its AI assistant surpassing ChatGPT in downloads from Apple’s App Store. Its rise has intensified competition in the AI sector, sparking debates about the sustainability of US tech giants’ business models and profit margins.

FBI and Europol target cybercrime networks in global crackdown

A global law enforcement operation has shut down a series of cybercrime websites used for selling stolen data, pirated software, and hacking tools. The FBI and Europol coordinated the takedown as part of ‘Operation Talent’, targeting platforms associated with Cracked, Nulled, StarkRDP, Sellix, and MySellix.

Seizure notices appeared on the affected websites, and officials confirmed that information on customers and victims had also been obtained. Europol stated that further details would be released within 24 hours, while the FBI has not yet commented on the operation.

Reports suggest that the targeted sites played various roles in the cybercrime ecosystem, facilitating the trade of stolen login credentials, compromised credit card details, and video game cheats. A message in a Cracked Telegram channel acknowledged the seizure, with administrators expressing uncertainty over the next steps.

Authorities continue to investigate, with the crackdown highlighting ongoing efforts to disrupt cybercriminal networks. More updates are expected as officials analyse the seized data and determine potential follow-up actions.

Binance faces new investigation in France over alleged crimes

French prosecutors have launched a new investigation into Binance, marking the second time authorities have scrutinised the crypto exchange. The probe includes allegations of drug trafficking, money laundering, and tax evasion, with possible additional charges yet to be disclosed. This follows an earlier inquiry in 2023 over suspected financial crimes linked to the platform.

Regulators worldwide have tightened their grip on cryptocurrency firms after the collapse of FTX and other high-profile failures. Binance has faced mounting legal challenges, including a record $4.3 billion settlement with US authorities. Despite leadership changes, including the resignation of founder Changpeng Zhao, the company remains under regulatory pressure.

As Binance navigates legal battles across multiple jurisdictions, its future in key markets remains uncertain. The latest investigation in France adds to the exchange’s ongoing struggles, reinforcing the global crackdown on crypto platforms accused of financial misconduct.

OpenAI warns about Chinese firms accessing US AI

OpenAI has raised concerns about Chinese companies attempting to access US AI technologies to enhance their models. In a statement released on Tuesday, OpenAI highlighted the critical need to protect its intellectual property and the most advanced capabilities in its AI systems. The company emphasised that it has put in place countermeasures to safeguard its innovations and is working closely with the US government to protect the technology from being exploited by competitors and adversaries.

These comments come in response to the White House’s ongoing review of national security risks posed by Chinese AI companies, particularly the rapidly growing startup DeepSeek. The US government has been looking into potential threats as China increasingly seeks to advance its AI capabilities. David Sacks, the White House’s AI and crypto czar, explained that Chinese firms are using an AI technique called “distillation,” which allows them to extract knowledge from leading US AI models, further raising concerns about intellectual property theft.

OpenAI’s statement underscores the challenges and security risks that arise as AI becomes a critical technology with broad applications, from national defence to economic competitiveness. The company’s efforts to protect its proprietary AI models are part of a broader push by the US to ensure that its technological edge is not compromised by foreign competitors who might attempt to bypass intellectual property protections. The situation highlights the increasing geopolitical tension surrounding AI development, especially as China continues to make significant strides in the field.

Australia warns public over Chinese AI model DeepSeek

The treasurer of Australia, Jim Chalmers, has urged caution regarding the use of the Chinese AI model DeepSeek, citing potential risks associated with the technology. Speaking at a news conference on Monday, Chalmers emphasised that the government is closely monitoring the situation and continuously receiving advice on its implications.

DeepSeek, a cost-efficient AI model released by China, has raised global concerns, particularly over its ability to challenge the dominance of US AI developers. Its debut caused significant market turbulence, with shares of AI chip leader Nvidia plunging by 17% on Monday before making a partial recovery.

The United States has also voiced concerns, announcing an investigation into the national security implications of DeepSeek. The scrutiny highlights growing geopolitical tensions around the advancement and control of AI technologies.

Italy blocks DeepSeek chatbot over privacy concerns

Italy’s data protection authority, the Garante, has ordered the Chinese AI startup DeepSeek to block its chatbot in the country, citing insufficient responses to queries about its privacy policy. The watchdog had requested detailed information on data collection practices, sources, purposes, and storage, particularly concerning whether user data is stored in China. DeepSeek’s failure to adequately address these concerns prompted the Garante to impose an immediate ban and launch an investigation.

DeepSeek had removed its AI assistant from Italian app stores earlier this week but claimed it was not subject to local regulation. Agostino Ghiglia, a member of the Garante’s board, stated that the company’s stance worsened its position. Italian users who had already downloaded the app still reported access to the chatbot, while the web version remains operational. The Garante emphasised that European citizens must have clear consent and data protection guarantees, especially regarding servers located in China.

The Garante’s action highlights growing scrutiny of AI platforms in Europe, with data regulators in Ireland and France also questioning DeepSeek’s privacy practices. Italy‘s proactive approach has drawn attention; the country temporarily banned ChatGPT in 2023 over similar concerns. DeepSeek has positioned its AI as a cost-effective alternative to US models, surpassing ChatGPT as the top-rated app on Apple’s US App Store. However, its refusal to cooperate with European regulators may jeopardise its expansion.

EU sanctions three Russians over 2020 cyberattacks on Estonia

The European Union has imposed sanctions on three Russian nationals for their alleged role in cyberattacks targeting Estonia in 2020. Nikolay Korchagin, 28, Vitaly Shevchenko, 28, and Yuriy Denisov, 45—suspected operatives of the cyber division of Russia’s GRU military intelligence service—are accused of breaching classified Estonian government networks and stealing sensitive data.

According to the Council of the EU, the attacks compromised thousands of confidential documents, including business secrets, health records, and other critical information. In September 2024, Estonia publicly attributed the attack to Unit 29155, marking the first time the country formally identified a state-backed cyber operation.

‘Both a national and an international investigation that included 10 countries showed that Russia aimed to damage national computer systems, obtain sensitive information and strike a blow against our sense of security,’ Estonian Foreign Minister Margus Tsahkna stated at the time.

As part of the sanctions, Korchagin, Shevchenko, and Denisov face an asset freeze, a prohibition on EU individuals and businesses providing them with funds, and a travel ban barring them from entering or transiting through the EU territory.

The move follows a similar decision by the US government in September last year. The US Department of Justice indicted members of Unit 29155 and placed a $10 million bounty for information aiding prosecution. The indictment primarily focused on the WhisperGate cyberattack—a data-wiping operation targeting Ukraine ahead of Russia’s 2022 invasion. Korchagin and Denisov were specifically named in the US sanctions, while Shevchenko was labelled an ‘associated individual’ by the State Department.

Last year, the EU’s credibility in cyber sanctions was undermined when a clerical error in a formal sanctions notice mistakenly identified the wrong Russian intelligence agency responsible for a series of cyberattacks. Additionally, Bart Groothuis, a Dutch MEP and former Ministry of Defence employee, noted that the EU’s response remains fragmented, particularly in comparison to coordinated actions taken by the US and UK.

Europol highlights encryption concerns at the World Economic Forum

At the World Economic Forum in Davos, Europol’s executive director, Catherine De Bolle, urged tech companies to provide law enforcement access to encrypted messages, citing public safety concerns. While she argued this is necessary to combat crime and protect democracy, critics highlighted the risks of undermining encryption, which is essential for privacy and individual freedoms.

De Bolle compared accessing encrypted communications to executing a search warrant in a locked house. However, this analogy oversimplifies the issue, as encryption safeguards sensitive data and ensures private communication, even under authoritarian regimes. Weakening it could lead to widespread misuse, enabling mass surveillance and suppression, as seen in places like Russia.

Advocates for privacy stress that encryption is not merely a barrier to crime but a cornerstone of democracy, enabling free speech and safeguarding against state overreach. While law enforcement has other tools for crime-fighting, creating backdoors to encryption would expose everyone to cyber risks and potentially render digital security obsolete.

If governments succeed in weakening encryption, decentralised solutions backed by blockchain technology could rise, making such access nearly impossible in the future. The debate underscores the critical balance between security and preserving fundamental rights.