NIS and Overseas Cybersecurity Agencies Announce AI Supply Chain Risks and Mitigation Measures
Joint Statement Issued with Seven Countries, Including Australia and the United States
On March 5, the National Intelligence Service (NIS) announced a joint statement on "AI Supply Chain Risks and Mitigation Measures" together with the Australian Signals Directorate, the U.S. National Security Agency, and cyber security agencies from seven major countries.
The Australian Signals Directorate expressed concern over the increasing risk factors, such as hidden backdoors, arising from the complexity of AI supply chains. In response, it prepared relevant recommendations and requested the participation of the NIS. The key feature of these recommendations is the view that AI should be treated as a system that requires security to be embedded from the design stage, rather than only being managed after deployment.
The recommendations identify risk factors and mitigation measures for AI supply chains across five areas: data, machine learning models, software, infrastructure and hardware, and third-party services. The document advises that low-quality or biased AI data can lead to errors in judgment and recommends using data from trusted sources to mitigate risks. It also emphasizes that machine learning models can cause security incidents, such as concealing malware or inserting backdoors, and therefore safe file formats or transparent models should be used.
According to the recommendations, AI infrastructure can involve the injection of malicious firmware or introduce new security risks. As a result, existing information security system principles should be applied, and measures such as network separation or independent authentication should be used to ensure thorough management.
The NIS has been continuously presenting countermeasures related to AI supply chain attacks, such as issuing safe AI development guidelines jointly with the United States, the United Kingdom, and others in November 2023, and distributing an AI security guidebook in December of last year.
Hot Picks Today
"Stocks Are Not Taxed, but Annual Crypto Gains Over 2.5 Million Won to Be Taxed Next Year... Investors Push Back"
- "Don't Throw Away Coffee Grounds" Transformed into 'High-Grade Fuel' in Just 90 Seconds [Reading Science]
- Nana Home Intruder Who Filed 'Counter Attempted Murder Complaint' Referred to Prosecution for False Accusation
- "Groups of 5 or More Now Restricted"... Unrelenting Running Craze Leaves Citizens and Police Exhausted
- "Even With a 90 Million Won Salary and Bonuses, It Doesn’t Feel Like Much"... A Latecomer Rookie Who Beat 70 to 1 Odds [Scientists Are Disappearing] ③
An NIS official stated, "This set of recommendations is significant in that it systematically organizes AI-specific risks from the supply chain perspective and presents a security management direction focused on prevention rather than post-incident response," adding, "Based on partnerships with major countries, we will continue to support the safe use of AI domestically."
© The Asia Business Daily(www.asiae.co.kr). All rights reserved.
