US spy agencies to deploy artificial generative weapons intelligence (AI) to analyze sensitive data. It was announced last week that Microsoft’s generative AI model for intelligence communities would solve the security challenges of large language models (LLM) – which are usually connected to the Internet – by “air-gapping” the tools to a cloud-based environment.
It will be the first major LLM to be separated from the Internet, but it will retain much of the computing power. Generative AI can analyze huge amounts of data and be used to recognize patterns much faster than humans. The CIA began using a generative AI tool last year for unclassified purposes, but more sensitive national security information must be isolated from the public internet.
“This is the first time we have an isolated version – when isolated means it is not connected to the Internet – and it is on a special network that is only accessible to the US government,” William Chappell , Microsoft’s technical director for strategic missions. and technology, told Bloomberg.
Generative AI and CI
Chappell told Bloomberg that the new AI tool could theoretically be accessible to 10,000 members of the intelligence community (IC) who need access to Top secret data. The tool went live last Thursday and will enter a testing and accreditation phase before it can be used more widely by the intelligence community.
“Generative AI can help intelligence services process data faster and discover connections between different data points,” technology industry analyst Roger Entner of Recon Analytics told ClearanceJobs. “One of the most important areas should be processing the countless phone calls, emails and other data transmissions that services collect and must make sense of.”
Air Gap Platform
The AI platform was developed in a way that it can read files, but without learning from them that could impact its output. The data is also not accessible from the Internet.
“Keeping it separate and away from the Internet is the only way to look at the integrated circuit using generative AI technology,” explained Dr. Jim Purtilo, associate professor of computer science at the University of Maryland.
“With the exception of the sensitivity of the domain, and thus the risk of disclosing important information to its other users, it is fair to assume that Microsoft’s LLM would be used in all the usual ways in which we use this technology today – assist in the preparation of reports, answer general questions, search for information, etc. ,” Purtilo told ClearanceJobs. “The workflow often resembles what happens in corporate America and therefore can be streamlined with emerging tools. »
However, a concern, even with an isolated model, is the risk of data leakage between protected IC projects.
“As typically configured, these models learn prompts over time, so one can imagine that sharing a model will also inadvertently share information outside of a siled project,” he said. Purtilo continued. “The response to a user’s prompt may be based on another user’s interactions that were never intended to indicate that certain data was known.”
Managing AI bias
Another concern will be issues of bias, warned Purtilo, who noted that in open systems we have already seen how over- or under-weighting certain properties in the model can lead to spectacular “strange behavior.” He highlighted Google’s AI depicting President George Washington as a black man, a result of AI built on biased data sets or produced by biased engineers.
Although Washington’s description has drawn scrutiny, there are concerns that the IC could draw erroneous conclusions from similar biases.
“Within the IC, however, one of the most important principles is skepticism,” Purtilo added. “The danger is that whoever trains the model conditions responses over time in ways that hide bias and overcome critical scrutiny. This may be inadvertent, but it will nevertheless distance us from our primary role as guardians of cold objectivity when advising leaders.
Finally, there is the concern about the specificity of the data.
“In open systems, we know that LLMs seem free to just invent things, sometimes described as mind-blowing,” Purtilo said. “These models are basically an average of what most previous users seemed to want to hear, and often what we want to hear is not what is real. The IC simply cannot afford to risk taking key details of an LLM at face value. Everything will have to be checked.
