DeepSeek breach yet again sheds light on AI dangers

COMMENTARY: AI isn't waiting for security teams to catch up. It's running full-steam ahead, without any regard for what may stand in its way.

The recent security issue that hit the news surrounding DeepSeek—where Wiz researchers uncovered extensive vulnerabilities including exposed databases, weak encryption, and susceptibility to AI-model jailbreaking—serves as a stark warning for organizations rushing to adopt AI technologies without proper security controls.

[SC Media Perspectives columns are written by a trusted community of SC Media cybersecurity subject matter experts. Read more Perspectives here.]

The vulnerabilities discovered in DeepSeek reveal a pattern in how organizations approach AI security. When Wiz uncovered a publicly-accessible ClickHouse database containing sensitive chat histories and API secrets, it exposed more than just DeepSeek's technical oversights—it revealed the fundamental gaps in how we're securing AI systems.

The discovered vulnerabilities read like a security team's nightmare checklist. Beyond the exposed database, SecurityScorecard's STRIKE team identified outdated cryptographic algorithms and weak data protection mechanisms.

Researchers found SQL injection vulnerabilities that could give attackers unauthorized access to user records. Most concerning, the DeepSeek-R1 model showed alarming failure rates in security tests—91% for jailbreaking and 86% for prompt injection attacks.

DeepSeek is news, but AI threats aren't

DeepSeek isn't an anomaly. It's a canary in the coal mine, warning us about the security challenges that come with rapid AI adoption. The company's practice of collecting user inputs, keystroke patterns, and device data, highlights the complex data privacy implications of AI deployment.

Beyond DeepSeek's specific case, AI has introduced a range of security challenges across the technology landscape, including:

Data exposure and privacy: Organizations face significant risks from unauthorized access to sensitive user data, including chat histories and personal information. The collection of keystroke patterns and device data creates additional privacy concerns, especially when this information gets stored in jurisdictions with weak privacy protections.

AI model vulnerabilities: Testing reveals critical weaknesses in AI model security. These vulnerabilities could let attackers manipulate model outputs or extract sensitive information.

Infrastructure security: Weak encryption practices and outdated cryptographic algorithms compromise overall system security. SQL injection vulnerabilities offer potential access to unauthorized database content, while poor system segmentation enables lateral movement within connected networks.

Intellectual property: Unauthorized access to AI systems risks exposing proprietary algorithms, training data, and model architecture. This creates significant competitive risks as attackers could potentially steal or reverse engineer core AI technology. The severity of these risks has prompted major institutions, including the U.S. Navy, Pentagon, and New York State, to ban DeepSeek because of “shadow AI” concerns—highlighting how intellectual property vulnerabilities can lead to broader security policy implications.

Regulatory compliance: Organizations must navigate complex data protection regulations like GDPR and CCPA. Security breaches can result in substantial fines and legal liabilities, while cross-border data transfers create additional compliance challenges.

Supply chain threats: Third-party AI components and development tools introduce potential backdoors and vulnerabilities. Organizations face significant challenges in verifying the security of external AI models and services they depend on.

Take control of the company’s AI security

While the AI security landscape may seem daunting, organizations aren't powerless. Develop comprehensive exposure management strategies before rolling out AI technologies. From our experience working with enterprises across industries, here are the essential components of an effective program:

Focus on external exposures: With over 80% of breaches involving external actors, organizations must prioritize their external attack surface. This means continuously monitoring internet-facing assets, especially AI endpoints and related infrastructure.

Find everything: Make discovery comprehensive across all business units, subsidiaries, and acquisitions. This includes cloud services, on-premise systems, and third-party integrations. AI systems often have complex dependencies that create unexpected exposure points.

Test everything: Implement continuous security testing on all exposed assets, not just those deemed critical. This includes regular application security assessments, penetration testing, and AI-specific security evaluations. Traditional "crown jewels" approaches miss critical vulnerabilities in seemingly low-priority systems.

Prioritize based on risk: Evaluate threats based on their potential business impact rather than technical severity alone. Consider factors like data sensitivity, operational dependencies, and potential regulatory implications when prioritizing remediation efforts.

Share broadly: Integrate exposure management into existing security processes through automation and clear communication channels. Ensure findings are shared with relevant stakeholders and feed into broader security operations and incident response processes.

The DeepSeek incident serves as a critical wake-up call for organizations racing to implement AI technologies. As AI systems become increasingly integrated into core business operations, the security implications extend far beyond traditional cybersecurity concerns. Organizations must recognize that AI security requires a fundamentally different approach—one that combines robust technical controls with comprehensive exposure management strategies.

The rapid pace of AI advancement means security teams can't afford to play catch-up. Instead, teams must build security considerations into AI initiatives from the ground up, with continuous monitoring and testing becoming standard practice. The stakes are simply too high to treat AI security as an afterthought.

Organizations need to act now to implement comprehensive exposure management programs that address the unique challenges of AI security. Those that fail to do so risk not just data breaches and regulatory penalties, but potentially catastrophic damage to their operations and reputation. In the evolving landscape of AI technology, we can’t consider security an option. We need to make security fundamental to how we build and deploy AI systems.

Graham Rance, vice president, global pre-sales, CyCognito

SC Media Perspectives columns are written by a trusted community of SC Media cybersecurity subject matter experts. Each contribution has a goal of bringing a unique voice to important cybersecurity topics. Content strives to be of the highest quality, objective and non-commercial.