Microsoft, OpenAI & NVIDIA working with US federal agencies in case critical AI systems get attacked

Officials from the US Federal government, met with several tech companies including major AI model operators, cybersecurity companies, and AI hardware makers to kickstart the first joint simulation of a cyberattack on major critical AI systems.

This exercise was essential because responding to cyber threats targeting AI technologies requires a different approach than dealing with typical hacks.

Both Washington and Silicon Valley are working to get ahead of the unique cyber threats facing AI companies. Historically, security measures often lag behind as new technologies become mainstream, leaving many companies vulnerable to evolving cyber threats, as reported by Axios.

Clayton Romans, associate director of the Cybersecurity and Infrastructure Security Agency’s Joint Cyber Defense Collaborative (JCDC), pointed out that as AI tools become more widespread, hackers could use them to speed up and scale their attacks.

The JCDC hosted the tabletop exercise at Microsoft’s offices in Reston, Virginia. As is standard with such simulations, CISA did not publicly disclose the specific incident that participants simulated.

Romans explained that the exercise focused on the current threats they are seeing and how the government and private sector can share information about those threats.

Over 50 AI experts from the US government, international government offices, and private companies participated in the four-hour session, including representatives from Amazon Web Services, Microsoft, Nvidia, OpenAI, and Palantir.

Kyle Wilhoit, director of threat research at Palo Alto Networks’ Unit 42, was one of the participants. He said the exercise provided an opportunity to talk about the current threats they are seeing and speculate on what new attack vectors leveraging AI might look like in the future.

The exercise also helped CISA identify key contacts in the private sector for AI-related incidents and vice versa, according to Romans. This mutual understanding is crucial for effective communication and response during an AI-related cyber incident.

The tabletop exercise allowed participants to explore potential new threats on the horizon. The insights gained from the exercise will contribute to the development of CISA’s forthcoming AI security incident playbook, which is expected to be published before the end of the year.

Romans mentioned that the JCDC plans to host another AI tabletop exercise before releasing the playbook.

Looking ahead, the lessons learned from these exercises will be vital in shaping the strategies and protocols for handling AI-related cyber threats.

By proactively addressing these issues, federal officials and industry leaders aim to strengthen the security and resilience of AI systems, ensuring they can withstand and quickly recover from potential cyberattacks.