China's AI Heist: The Spy Bots Behind Beijing's AI Ambitions

The Big Picture: Key Points

  • DeepSeek, a Chinese chatbot, was accused of using 'distillation attacks' to siphon information from US companies like OpenAI and Anthropic.
  • The US AI companies have labelled these attempts 'distillation attacks', where a cut-price AI attempts to learn from its expensively trained rival by copying how it answers thousands of questions.
  • China's alleged use of AI spy bots has sparked concerns about intellectual property theft and the potential erosion of the US's technological lead in the AI sector.

The Chinese government has been accused of using artificial intelligence spy bots to steal sensitive information from US tech companies. The allegations center around DeepSeek, a Chinese chatbot that was released in January last year and was found to have capabilities similar to those of US-based AI models like ChatGPT and Claude. However, suspicions emerged about how DeepSeek had achieved this level of sophistication, with OpenAI claiming that the Chinese company had improperly trained its model by siphoning information from OpenAI's own systems.

Distillation Attacks: A New Form of Industrial Espionage

The technique used by DeepSeek and other Chinese labs is known as a 'distillation attack', where a hostile AI bot enters a chat with a high-end Silicon Valley AI tool and runs millions of queries to harvest the answers. This information is then used to train the attacker's own AI model, allowing it to mimic the capabilities of the original model. While machine learning distillation has legitimate uses, such as creating cheaper versions of expensive AI models, labs insist that when done by a rival, it amounts to unfair free-loading. According to Anthropic, the Chinese labs created 24,000 fraudulent accounts that undertook 16 million different chats with Claude to try to copy it. Google researchers, meanwhile, uncovered a bot that asked 100,000 suspicious queries of its Gemini chatbot in an effort to clone its knowledge. Chinese labs have successfully evaded the defences of America's labs, using network proxy services to mask the origins of their bots and hide their fake accounts within legitimate traffic.

Implications for the US Tech Industry

The alleged use of AI spy bots by China has significant implications for the US tech industry. If Chinese companies can train their AI models by leeching from US companies, it could erode the US's technological lead and undermine hundreds of billions of dollars in AI innovation investments. The attacks 'undercut the significant investments of American firms, who have poured billions into building out the infrastructure needed to run high-end AI models', says Jack Burnham, a China analyst at the Foundation for Defense of Democracies.

Response from US Companies and Government

US AI companies have been scrambling to shore up their defences against these attacks. Anthropic has cut off Chinese access to its technology and built new cyber tools intended to detect unusual usage. OpenAI, Anthropic, and Google have joined an industry group that will share information on potential AI distillation campaigns so they can be cut off. Republican Congressmen in the US have proposed a law banning such data extraction and sanctioning companies caught doing it.
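
To illustrate what detecting unusual usage can involve, here is an added example; it is not from the article and is not any lab's actual tooling. It assumes a hypothetical log of (account, egress IP, prompt) rows and made-up thresholds, and shows why a per-account limit misses traffic spread across many accounts and proxies while grouping prompts by template across accounts surfaces it.

```python
import re
from collections import Counter, defaultdict

# Constructed sample rows (account, egress_ip, prompt); not real traffic.
TEMPLATE = 'Explain step by step how to solve exercise {} from "{}"'
SAMPLE_LOG = [
    (f"acct-{i}", f"203.0.113.{10 + i}", TEMPLATE.format(100 * i + j, topic))
    for i in range(4)
    for j, topic in enumerate(["algebra", "statistics"])
] + [
    ("user-x", "198.51.100.7", "Draft a polite email declining a meeting"),
    ("user-y", "198.51.100.8", "Why does my Python loop skip the last item?"),
    ("user-y", "198.51.100.8", "Rewrite that loop with enumerate"),
]

def fingerprint(prompt):
    """Reduce a prompt to its template: quoted strings and numbers are masked."""
    p = re.sub(r'"[^"]*"', "<str>", prompt.lower())
    p = re.sub(r"\d+", "<num>", p)
    return re.sub(r"\s+", " ", p).strip()

# All thresholds below are illustrative assumptions, not tuned values.
def noisy_accounts(log, limit=5):
    """Baseline check: accounts whose own query count exceeds a per-account limit."""
    counts = Counter(account for account, _, _ in log)
    return sorted(a for a, n in counts.items() if n > limit)

def flag_campaigns(log, min_accounts=3, min_queries=6):
    """Templates sent by many distinct accounts, regardless of source IP."""
    accounts, ips, queries = defaultdict(set), defaultdict(set), Counter()
    for account, ip, prompt in log:
        fp = fingerprint(prompt)
        accounts[fp].add(account)
        ips[fp].add(ip)
        queries[fp] += 1
    return {
        fp: {"accounts": sorted(accts), "queries": queries[fp],
             "distinct_ips": len(ips[fp])}
        for fp, accts in accounts.items()
        if len(accts) >= min_accounts and queries[fp] >= min_queries
    }

if __name__ == "__main__":
    print("over per-account limit:", noisy_accounts(SAMPLE_LOG))
    for fp, info in flag_campaigns(SAMPLE_LOG).items():
        print(fp, info)
```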

FAQ

  1. What is a distillation attack, and how does it work?
     A distillation attack is a technique where a hostile AI bot enters a chat with a high-end AI tool and runs millions of queries to harvest the answers. This information is then used to train the attacker's own AI model, allowing it to mimic the capabilities of the original model.
  2. Why is the alleged use of AI spy bots by China a concern for the US tech industry?
     The alleged use of AI spy bots by China is a concern for the US tech industry because it could erode the US's technological lead and undermine hundreds of billions of dollars in AI investments.
  3. What measures are being taken to prevent further AI distillation attacks?
     US AI companies are taking measures such as cutting off Chinese access to their technology, building new cyber tools to detect unusual usage, and sharing information on potential AI distillation campaigns to cut them off.
