New artificial intelligence (AI) model DeepSeek does not have appropriate security guardrails to protect against cyber risks, a report concluded based on recent safety testing that found it to be less resistant than other leading AI models.
DeepSeek R1, a new frontier reasoning model from Chinese AI startup DeepSeek, underscores the urgent need for AI developments to ensure that efficiency does not impede safety mechanisms, a report on the research said.
The research was conducted by AI security researchers from Robust Intelligence, now a part of Cisco, a US-based software development company, and the University of Pennsylvania.
Results from researchers’ automated attack methodology revealed “critical security flaws”. The results concluded that DeepSeek R1 exhibited a 100% attack success rate, the report said, meaning it failed to block a single harmful prompt.
The research team measured the model against six categories of harmful behaviours including cybercrime, misinformation, illegal activities, and general harm.
“[DeepSeek] contrasts starkly with other leading models, which demonstrated at least partial resistance,” the report said. “Our findings suggest that DeepSeek’s claimed cost-efficient training methods, including reinforcement learning, chain-of-thought self-evaluation, and distillation may have compromised its safety mechanisms.”
Currently, the model lacks robust guardrails which makes it “highly susceptible” to “algorithm jailbreaking” and potential misuse, the report said, reaffirming the importance of using third-party guardrails that provide consistent, reliable safety and security protections across AI applications.
— To comment on this article or to suggest an idea for another article, contact Steph Brown at Stephanie.Brown@aicpa-cima.com.