The case of the AI deleting an entire codebase despite being explicitly told not to do that hit several social media sites as a condemnation of AI. But the truth is that there were issues much sooner, if you knew where to find them.
In coding, there are ‘packages’, which are online resources that are mostly static. These packages are used so the coder who’s doing the work in that moment doesn’t have to re-teach a computer how to do a particular type of math, or how to do accounting spreadsheets, or whatever function that online package does. Even if they wanted to, a lot of times, a coding project isn’t going to benefit from having a ton of code written out just to do one or two things before handing it off to the rest of the program, so calling in a package is a good maneuver. Naturally, code looking to execute the same process would call the same borrowed code from the same place.
AI coding introduced a hole where – if the person trying to code doesn’t know to look for this hole – the AI can accidentally call in a bit of malicious code instead of the code the person was actually looking to call in. If the generative AI writing the code incorrectly predicts that the developer will want a resource titled “AlmostCorrect” instead of the actual resource “ActuallyCorrect”, and it does this often enough that bad actors notice, they can create a resource named “AlmostCorrect” and fill the hole that would otherwise cause an error while writing.
(This is an exploit that has already existed for some time – when someone wanted to get their malicious resource called, they might title it after typos like ‘ActualyCorrect’ or ‘ActuallCorrect’, and it would occasionally get called up that way!)
Then the AI doesn’t notice, because the code runs. The people writing don’t notice unless they’re being thorough, as in actually investigating the package: AI search results for an obscure package have no other choice but to pull from the package’s README file, which is also written by the people who wrote the malware and can say literally whatever they think will convince you the package is safe. And the bad actor wins something out of an interaction they’d otherwise have no part in.
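One way to catch both kinds of name before anything is installed, as an added example that is not part of the original post: check a dependency list against the packages the team has actually reviewed. The package names are the article's placeholders; the approved list, the sample dependency list and the distance threshold of 2 are assumptions made for the example.

```python
import re
# Assumption: names the team has actually reviewed (constructed for this example).
APPROVED = {"actuallycorrect", "requests"}

def normalize(name):
    # PEP 503 normalisation: case-insensitive; runs of "-", "_", "." are equal.
    return re.sub(r"[-_.]+", "-", name).lower()

def edit_distance(a, b):
    # Levenshtein distance, computed one row at a time.
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def classify(name, approved=APPROVED, max_distance=2):
    n = normalize(name)
    if n in approved:
        return ("approved", n)
    # A near miss of a reviewed name is the classic typo-named package.
    dist, closest = min((edit_distance(n, a), a) for a in approved)
    if dist <= max_distance:
        return ("lookalike", closest)
    # Plausible but unknown: what an assistant-invented name looks like.
    return ("unreviewed", None)

def audit(requirements_text):
    findings = {}
    for line in requirements_text.splitlines():
        line = line.split("#", 1)[0].strip()   # drop comments and blank lines
        if line:
            name = re.split(r"[<>=!~\[; ]", line, maxsplit=1)[0]
            findings[name] = classify(name)
    return findings

# Constructed sample dependency list using the article's placeholder names.
SAMPLE = """\
ActuallyCorrect==1.4.0
ActualyCorrect>=1.0
ActuallCorrect
AlmostCorrect   # name suggested by a coding assistant
requests
"""
if __name__ == "__main__":
    for pkg, (status, near) in audit(SAMPLE).items():
        print(f"{pkg:16} {status:10} {near or ''}")
```

“AlmostCorrect” comes back as unreviewed rather than lookalike because it is not a near-typo of anything, so a spelling-distance check alone would miss it; only the reviewed list catches it.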
We saw something similar in concept when Google launched a bunch of top-level domains (the bit of the web address that goes on the end of a URL, like .com or .gov) with names like .zip, which meant that someone could link to a website with a download using .zip to misdirect people who clicked on it thinking they were getting an actual .zip file. By slipping in a middleman (the website), they’re able to make the user go somewhere they didn’t mean to and download something else.
If you’re worried about cybersecurity, get in touch – we have a number of services to make your devices more secure against interlopers, including not only antivirus but desktop-management services designed to keep employees from downloading malicious files by accident in the first place! (Here: https://elixistechnology.com/cybersecurity/)

