Poised to radically disrupt the generative AI space, the Chinese startup, DeekSeek, sent shockwaves across global economic markets after debuting its R1 AI assistant in January. As a reasoning model, DeepSeek is fed a myriad of data by its parent company, High-Flyer, so that it can train itself to better recognize patterns; this makes DeepSeek similar to ChatGPT with one enormous difference: DeepSeek is about 10x cheaper than its American counterpart. The news of DeepSeek’s success has seemingly transformed the future of AI overnight and put immediate pressure on other generative AI companies. Moreover, with the announcement by the Trump administration that American developers no longer need to observe previous AI safeguards, the race to develop the world’s most powerful and efficient AI is well underway.
However, notoriety brings both positive and negative attention, and DeepSeek’s success is no exception. Not long after the generative AI’s debut, black hat actors decided to test the model’s cybersecurity protections, leading to DeepSeek’s announcement that it had been the victim of a “large-scale malicious attack.” The question on everyone’s mind is: was this hacking effort a traditional DDoS, or did High-Flyer face scalability issues in the wake of its success? This question is prompted by the fact that DeepSeek allowed returning users to log into their accounts, whereas new registrations were not permitted. So, in other words, why was the app either unwilling (or unable) to take on new users in the aftermath—was this because DeepSeek could not guarantee data privacy to new users?
The report of DeepSeek’s cybersecurity breach also coincided with concerns regarding the national security implications of open-source AI development. Similar to the Italian government’s concern with OpenAI, researchers discovered a publicly exposed DeepSeek database that displayed chat histories, application programming interface keys and backend details. However, this discovery was not a byproduct of the large-scale attack—it was the result of the careless handing of user information. These same researchers were able to jailbreak DeepSeek and subject the generative AI to common cyberattack tactics, which suggests that DeepSeek is more susceptible to cyberattacks than other generative AIs, due to the nature of its open source. Accordingly, users should think carefully about whether they want to entrust their personal information to High-Flyer and its generative AI.
