CRCL May 21, 2025

Mitigating Cyber Risk in the Age of Open-Weight LLMs: Policy Gaps and Technical Realities

arXiv:2505.17109v1 | 1 citation | h-index: 1
Originality: Synthesis-oriented
AI Analysis

The paper addresses cybersecurity threats for policymakers and AI developers, highlighting incremental improvements in regulatory frameworks for open-weight AI systems.

This paper tackles the cybersecurity risks posed by open-weight general-purpose AI models, such as DeepSeek-R1, which can automate and scale cyberattacks like malware development and social engineering. It proposes a policy and technical approach that focuses on controlling high-risk capabilities to address regulatory gaps without hindering innovation.

Open-weight general-purpose AI (GPAI) models offer significant benefits but also introduce substantial cybersecurity risks, as demonstrated by the offensive capabilities of models like DeepSeek-R1 in evaluations such as MITRE's OCCULT. These publicly available models empower a wider range of actors to automate and scale cyberattacks, challenging traditional defence paradigms and regulatory approaches. This paper analyzes the specific threats -- including accelerated malware development and enhanced social engineering -- magnified by open-weight AI release. We critically assess current regulations, notably the EU AI Act and the GPAI Code of Practice, identifying significant gaps stemming from the loss of control inherent in open distribution, which renders many standard security mitigations ineffective. We propose a path forward focusing on evaluating and controlling specific high-risk capabilities rather than entire models, advocating for pragmatic policy interpretations for open-weight systems, promoting defensive AI innovation, and fostering international collaboration on standards and cyber threat intelligence (CTI) sharing to ensure security without unduly stifling open technological progress.
