A Chinese AI startup, DeepSeek, recently fell victim to a massive cyberattack launched by American hackers, as reported by CCTV. The timing of the attack coincided with the release of the company’s new AI model, the R1. The attack, which commenced on January 3rd, peaked on Monday and Tuesday when DeepSeek experienced a series of aggressive brute force attacks originating from IP addresses in the United States.
The cyber attack on DeepSeek unfolded in multiple stages, starting with DDoS attacks that overwhelmed the company’s servers and disrupted its platform’s stability. Subsequently, the attack escalated into brute force hacking, a systematic method of trying multiple logins and passwords to access the system. Security experts from XLab noted that the attacks grew increasingly sophisticated and widespread, indicating a concerted effort to breach DeepSeek’s system and access its AI model.
Interestingly, the attackers were not confined to the United States alone, with malicious activities originating from countries like Singapore, the Netherlands, Germany, and even China. In response to the ongoing threats, DeepSeek decided to restrict new user registrations to individuals with mainland Chinese mobile numbers, a measure aimed at enhancing security and safeguarding the platform from further attacks.
The timing of the cyberattack aligned with the launch of DeepSeek’s OpenAI-R1 model on January 10, which garnered praise for its competitiveness and cost-effectiveness compared to American counterparts. The success of the new AI model attracted global attention within the AI community and sparked apprehension among American policymakers.
It is worth noting that OpenAI had previously accused DeepSeek of utilizing data illegally to train its AI models, despite instances of copyright infringement by the former. Ongoing investigations in both the United States and Europe have further complicated DeepSeek’s position, compounded by the removal of the app from the App Store following a significant data breach in Italy.
As the cybersecurity landscape continues to evolve, incidents like the cyberattack on DeepSeek underscore the importance of robust risk mitigation strategies and proactive measures to safeguard sensitive data and intellectual property from malicious actors. The repercussions of such attacks extend beyond financial losses to encompass reputational damage and regulatory scrutiny, underscoring the critical need for heightened vigilance and resilience in the face of cyber threats.