I occasionally hear implications that cyber + AI + rogue human hackers will cause mass devastation, in ways that roughly match “lots of cyberattacks happening all over.” I’m skeptical of this causing over $1T/year in damages (for over 5 years, pre-TAI), and definitely of it causing an existential disaster.
There are some much more narrow situations that might be more X-risk-relevant, like [A rogue AI exfiltrates itself] or [China uses cyber weapons to dominate the US and create a singleton], but I think these are so narrow they should really be identified individually and called out. If we’re worried about them, I’d expect we’d want to take very different actions than broadly reducing cyber risks.
I’m worried that some smart+influential folks are worried about the narrow risks, but then there’s various confusion, and soon we have EAs getting scared and vocal about the broader risks.
Here’s the broader comment against cyber + AI + rogue human hacker risks, or maybe even a lot of cyber + AI + nation state risks.
Note: This was written quickly, and I’m really not a specialist/expert here.
1. There’s easily $10T of market cap of tech companies that would be dramatically reduced if AI systems could invalidate common security measures. This means a lot of incentive to prevent this.
2. AI agents could oversee phone calls and video calls, monitor other conversations, and raise flags about potential risks. There’s already work here, and there could be a lot more.
3. If LLMs could detect security vulnerabilities, this might be a fairly standardized and somewhat repeatable process, and actors with more money could have a big advantage. If person A spends $10M using GPT5 to discover 0-days, the vulnerabilities they find would generally be a subset of those found by person B, who spends $100M. This could mean that governments and corporations would have a large advantage. They could do such investigation during the pre-release of software, and have ongoing security checks as new models are released. Or, companies would find bugs before attackers would. (Whether each bug is cost-efficient to fix is a separate question.)
4. The way to do a ton of damage with LLMs and cyber is to develop offensive capabilities in-house, then release a bunch of them at once in a planned massive attack. In comparison, I’d expect that many online attackers using LLMs wouldn’t be very coordinated or patient. I think that attackers are already using LLMs somewhat, and would expect this to scale gradually, providing defenders a lot of time and experience.
5. AI code generation is arguably improving quickly. This could allow us to build much more secure software, and to add security-critical features.
6. If the state of cyber-defense is bad enough, groups like the NSA might use it to identify and stop would-be attackers. It could be tricky to have a world where it’s both difficult to protect key data, but also easy to remain anonymous when going after others’ data. Similarly, if a lot of the online finance world is hackable, then potential hackers might not have a way to store potential hacking earnings, so could be less motivated. It just seems tough to fully imagine a world where many decentralized actors carry out attacks that completely cripple the economy.
7. Cybersecurity has a lot of very smart people and security companies. Perhaps not enough, but I’d expect these people could see threats coming and respond decently.
8. Very arguably, a lot of our infrastructure is fairly insecure, in large part because it’s just not attacked that much, and when it is, it doesn’t cause all that much damage. Companies historically have skimped on security because the costs weren’t prohibitive. If cyberattacks get much worse, there’s likely a backlog of easy wins, once companies actually get motivated to make fixes.
9. I think around our social circles, those worried about AI and cybersecurity generally talk about it far more than those not worried about it. I think this is one of a few biases that might make things seem scarier than they actually are.
10. Some companies like Apple have gotten good at rolling out security updates fairly quickly. In theory, an important security update to iPhones could reach 50% penetration in a day or so. These systems can improve further.
11. I think we have yet to see the markets show worry about cyber-risk. Valuations of tech companies are very high, and cyber-risk doesn’t seem like a major factor when discussing tech valuations. Companies can get cyber-insurance—I think the rates have been going up, but not exponentially.
12. Arguably, there are many trillions of dollars being held by billionaires and others who don’t know what to do with them. If something like this actually threatened to wipe out 50%+ of global wealth, defense would be an enticing avenue for such money. Basically, we do have large reserves to spend, as a planet, if the EV is positive enough.
13. In worlds with much better AI, many AI companies (and others) will be a lot richer, and be motivated to keep the game going.
14. Very obviously, if there’s $10T+ at stake, this would be a great opportunity for new security companies and products to enter the market.
15. Again, if there’s $10T+ at stake, I’d assume that people could change practices a lot to use more secure devices. In theory all professionals could change to one of a few locked-down phones and computers.
16. The main scary actors potentially behind AI + Cyber would be nation states and rogue AIs. But nation-states have traditionally been hesitant to launch attacks of this scale (meaning $1T+ in damage) outside of wartime, for similar reasons that they are hesitant to do military attacks outside wartime.
17. I believe that the US leads on cyber now. The US definitely leads on income. More cyber/hacking abilities would likely be used heavily by the US state. So, if these abilities become much more powerful, the NSA/CIA might become far better at using cyber attacks to go after other potential international attackers. US citizens might have a hard time being private and secure, but so would would-be attackers. Cyber-crime becomes far less profitable if the attackers themselves can’t preserve their own privacy and security. There are only 8 billion people in the world, so in theory it might be possible to oversee everyone with a risk of doing damage (maybe 1-10 million people)? Another way of putting this is that better cyber offense could directly lead to more surveillance by the US government. (This obviously has some other downsides, like US totalitarian control, but that is a very different risk.)
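As a toy illustration of the budget argument in point 3 (all the numbers, the cost-per-probe, and the easiest-first detection model here are invented assumptions, not data about real vulnerability discovery):

```python
import random

def vulns_found(budget_millions, pool, cost_per_probe_millions=0.01, seed=0):
    """Toy model: a standardized LLM-driven scan works through candidate
    vulnerabilities in a fixed easiest-first order; the budget determines
    how deep into the list the scan gets before money runs out."""
    rng = random.Random(seed)  # fixed seed = the "repeatable process"
    probes = int(budget_millions / cost_per_probe_millions)
    found = set()
    for i, vuln in enumerate(pool[:probes]):
        # Detection gets harder further down the list.
        if rng.random() < 1.0 / (1 + 0.001 * i):
            found.add(vuln)
    return found

pool = [f"vuln-{i}" for i in range(20000)]
a = vulns_found(10, pool)    # person A: $10M budget
b = vulns_found(100, pool)   # person B: $100M budget
print(a <= b)                # A's findings are a subset of B's -> True
```

Under this assumed model, extra budget only ever adds findings, which is the mechanism by which better-funded defenders could systematically stay ahead of attackers; in reality the search is noisier, so the subset relation would likely only hold statistically.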
I wonder if some of the worry on AI + Cyber is akin to the “sleepwalking fallacy”. Basically, if AI + Cyber becomes a massive problem, I think we should expect that there will be correspondingly massive resources spent then trying to fix it. I think that many people (but not all!) worried about this topic aren’t really imagining what $1-10T of decently-effective resources spent on defense would do.
I think that AI + Cyber could be a critical threat vector for malicious and powerful AIs in the case of AI takeover. I also could easily see it doing $10-$100B/year of damage in the next few years. But I’m having trouble picturing it doing $10T/year of damage in the next few years, if controlled by humans.
Some more discussion in this Facebook Post.