Security with ChatGPT: What happens when AI meets your API?
By Filip Verloy, Field CTO at Noname Security
It only takes one API vulnerability for an attacker to access critical information — are we ready to cede that responsibility to AI just yet?
Since the release of ChatGPT’s free research preview, people have been using artificial intelligence (AI) and artificial general intelligence (AGI) in new and unique ways. This popularity will only increase with the recent release of GPT-4. However, the increasing popularity of ChatGPT has also prompted more questions than answers on AI-related cybersecurity risks.
AI has the potential to significantly improve mundane day-to-day tasks by increasing the speed of business operations, providing invaluable business efficiencies and, over time, avoiding mistakes. This is incredibly exciting through the lens of a developer, business leader or employee. Unfortunately, this is sometimes at the expense of cybersecurity.
Upholding the Mastery and Accuracy of GPT-4
The newly developed GPT-4 allows users to interact with GPT via image-based input in addition to text-based information. However, that is limited to certain partners for the time being. Generative AI, as the field is commonly known, has the capability to create all kinds of data, text, images, and code.
This type of AI analyses existing data to recognise patterns. For GPT-4, the exact size of the training set has led to a lot of speculation and misinformation online; even OpenAI’s CEO Sam Altman is sceptical about these advancements.
Whatever the case may be, the updated system is remarkable, even tempting Bill Gates to reignite his advisory role for Microsoft on matters of AI. When he first saw the GPT-3.5 and early GPT-4 demo, he sent the OpenAI team back to the drawing board and challenged them to come back when the model could pass an advanced placement biology exam. He fully expected that to take 2 or 3 years; instead, they came back a few months later and did exactly that.
Beyond its mastery of language, GPT-4 can solve novel and difficult tasks that span mathematics, coding, vision, medicine, law, psychology and more without needing any special prompting. It turns out GPT is very good at passing all kinds of exams, which is a natural fit for Large Language Models (LLMs). These use deep learning algorithms to process and understand natural language, learning patterns and relationships from huge amounts of text data, and few sources contain more of that than university textbooks.
AI Meets API
GPT-4’s performance is strikingly close to that of humans in completing these tasks and often vastly surpasses prior models such as ChatGPT. Given the breadth and depth of GPT-4’s capabilities, Microsoft Research believes it could reasonably be viewed as an early (yet still incomplete) version of an AGI system.
Besides its technical prowess, one of the most exciting aspects of GPT-4 is its low barrier to entry. You can interact with it using natural language text input, through its integration with Microsoft's Bing search engine, and through the recently updated GitHub Copilot X, and its API (application programming interface) will spawn many consumer applications.
At the heart of AI’s cybersecurity concerns is the proliferation of APIs. While developers are working to simplify and accelerate architecting, configuring and building serverless applications with the help of new AI systems like DeepMind’s AlphaCode, problems arise as ML becomes responsible for generating and executing code.
Convenience vs. Effective Cybersecurity
For all its potential, though, these LLM systems aren’t perfect. They are software written by people, and software always has flaws. A case in point is OpenAI CEO Sam Altman posting on Twitter that one of the open-source libraries they used caused a significant issue in ChatGPT.
If we focus on code creation, or, more appropriately, code suggestion abilities powered by systems like GPT-4, we do need to tread carefully. These systems, like GitHub Copilot, will give programmers the ability to produce 3-20x the amount of code they could manually, but it also opens the door to programmers doing so without understanding the intricacies of the coding language as much as they needed before. This will lead to a lot of innovation, but this innovation is built on more fragile and less secure foundations.
Systems like ChatGPT know what they know based on the input they were trained on. But in the real world, we have to deal with Known Knowns, Unknown Knowns, and Unknown Unknowns. It turns out, for example, ChatGPT is good at providing code examples in Python since that is one of the more popular languages in the input it was provided.
If the input has insecure examples or routines that aren’t best practices, we can end up with vulnerable applications quickly. What are the chances of this developer properly validating and testing the security of applications created this way before releasing them into the wild?
As an example, I asked ChatGPT to generate a secure login API for a new eCommerce website. Many things were missing (this is not using ChatGPT Plus yet), but you can re-prompt the system and nudge it in the right direction. The question is, do you know what to re-prompt for, or do you copy/paste and hope for the best?
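As an added illustration of the kind of gap a re-prompt has to close (constructed for this article, not the ChatGPT output the author describes, which is not reproduced here), the following Python compares a naive login handler with a hardened one. The specific weaknesses shown (plaintext password storage, error messages that reveal whether a username exists, no lockout) are assumed examples of what an unreviewed suggestion might omit, not findings from the article.

```python
import hashlib
import hmac
import os

# Constructed sample store for the naive version: plaintext passwords,
# the kind of shortcut an unreviewed code suggestion can contain.
NAIVE_USERS = {"alice": "hunter2"}

def naive_login(username, password):
    """Naive handler: plaintext comparison and error messages that reveal
    whether the username exists (user enumeration)."""
    if username not in NAIVE_USERS:
        return False, "unknown user"
    if NAIVE_USERS[username] != password:
        return False, "wrong password"
    return True, "ok"

PBKDF2_ROUNDS = 100_000   # assumed work factor for the example
MAX_FAILURES = 5          # assumed lockout threshold for the example

def hash_password(password, salt=None):
    """Salted PBKDF2-HMAC-SHA256; returns (salt, digest) for storage."""
    salt = salt or os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ROUNDS)
    return salt, digest

# Hardened store: only salted hashes plus a failure counter per account.
HARDENED_USERS = {"alice": {"creds": hash_password("hunter2"), "failures": 0}}
# Dummy credential so unknown usernames cost the same time as known ones.
_DUMMY = hash_password("placeholder")

def hardened_login(username, password):
    """Hardened handler: constant-time hash comparison, one generic error
    message for every failure, and lockout after MAX_FAILURES attempts."""
    record = HARDENED_USERS.get(username)
    salt, stored = record["creds"] if record else _DUMMY
    _, candidate = hash_password(password, salt)   # always computed
    matched = hmac.compare_digest(stored, candidate)
    if record is None or record["failures"] >= MAX_FAILURES:
        return False, "invalid credentials"
    if not matched:
        record["failures"] += 1
        return False, "invalid credentials"
    record["failures"] = 0
    return True, "ok"
```

The naive handler answers "unknown user" and "wrong password" differently, while the hardened one returns the same message for an unknown user, a wrong password and a locked account.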
Putting Cybersecurity Before Productivity Boost
These systems will drive many new and unexpected innovations, but we need to ensure we do not put the cart before the horse regarding cybersecurity. Our whole world is becoming more and more digitised. This will be another accelerant to that end, but the daily reality of cyber attacks and breaches warrants careful consideration before jumping on the bandwagon.
Currently, GPT-4 and LaMDA (Google Bard) are the most cutting-edge AI productivity tools released to the general public. They are easily accessible, and the potential productivity boost is enormous, but nothing comes for free, especially in the world of cybersecurity. It is undeniable that these tools have the opportunity to make development work easier and faster. However, in terms of generating secure code, the jury is out.
Like human adversaries, AI tools use the breadth of existing knowledge but lack human creativity. You prepare yourself by focusing on the basics of cybersecurity, just like with human actors. It only takes one vulnerability for an attacker to gain access to critical information — are we ready to cede that responsibility to AI just yet?