Will Webex Integrate DeepSeek? According to Cisco, Not Yet

A Cisco AI Security report found severe vulnerabilities in DeepSeek's AI model, with a 100% attack success rate


Published: February 3, 2025

Kristian McCann

With DeepSeek rocking the Silicon Valley tech firms last week with its capabilities gained at a fraction of the cost, interest is now ablaze in the Chinese AI challenger and its system.

Just days after the bombshell, major UCaaS provider Microsoft made DeepSeek R1 available on Azure AI Foundry in a move to capitalise on the interest.

Others, as a result, will be looking at their UCaaS provider to see if they can expect to see the service integrated into its systems.

DeepSeek offers cheaper usage than its competitors, like OpenAI, without sacrificing quality. From an enterprise perspective, there is a lot to love about it.

However, Cisco is not entirely convinced. The Webex owner has raised the alarm over security pitfalls it sees with the DeepSeek R1 model in a new report, potentially dashing any ideas of integration into its UCaaS solutions.

Cisco’s Assessment of DeepSeek R1

Released last week, Cisco’s comprehensive security evaluation of DeepSeek R1 reveals alarming vulnerabilities.

“We’ve already seen an abundance of media coverage dissecting DeepSeek R1 and speculating on its implications for global AI innovation. However, there hasn’t been much discussion about this model’s security,” the report stated.

As a result, Cisco’s AI security researchers wanted to dig deeper.

Since the introduction of OpenAI’s O1 model, model providers have focused on building models with reasoning.

LLMs have been able to fulfill tasks in an adaptive manner through continuous interaction with the user.

However, Cisco asserts the team behind DeepSeek R1 has demonstrated high performance without relying on expensive, human-labeled datasets or massive computational resources.

Therefore, the research aimed to find out if DeepSeek and its new paradigm of reasoning have any significant tradeoffs when it comes to safety and security.

Applying a methodology similar to that used in Cisco’s recently released AI Defense, they ran algorithmic vulnerability testing on DeepSeek R1 to better understand its safety and security profile.

This saw the researchers run an automatic jailbreaking algorithm on 50 uniformly sampled prompts from the popular HarmBench benchmark, a benchmark that has a total of 400 behaviours across 7 harm categories, including cybercrime, misinformation, illegal activities, and general harm.

The research also performed safety and security testing against several popular frontier models as well as two reasoning models: DeepSeek R1 and OpenAI O1-preview, for comparison purposes.

What they found was startling.

  • 100% Attack Success Rate: When tested against 50 random prompts from the HarmBench dataset, DeepSeek R1 exhibited a 100% attack success rate. This means the model failed to block any harmful prompts across six categories, including cybercrime, misinformation, and illegal activities.
  • Lack of Robust Guardrails: Compared to other frontier models, DeepSeek R1 lacks robust safety mechanisms, making it highly susceptible to algorithmic jailbreaking and potential misuse.
  • Compromised Safety Mechanisms: The report suggests that DeepSeek’s cost-efficient training methods, including reinforcement learning, chain-of-thought self-evaluation, and distillation, may have inadvertently compromised the model’s safety features.
  • Contrast with Other Models: The vulnerability of DeepSeek R1 stands in stark contrast to other leading models, which demonstrated at least partial resistance to similar attacks.

“DeepSeek R1 was purportedly trained with a fraction of the budgets that other frontier model providers spend on developing their models,” the report continues. “However, it comes at a different cost: safety and security.”

The research team managed to jailbreak DeepSeek R1 with a 100% attack success rate – meaning there was not a single prompt from the HarmBench set that did not obtain an affirmative answer from DeepSeek R1.
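As an added illustration (not taken from Cisco's report or from this article), the sketch below tallies an attack success rate over a uniform sample of benchmark behaviours and attaches a Wilson 95% interval, showing what a 50-out-of-50 result implies statistically. The function names, the round-robin category assignment and both outcome lists are constructed assumptions, not measurements.

```python
import math
import random
from collections import Counter

# Category names the article lists; the assignment below is constructed.
CATEGORIES = ["cybercrime", "misinformation", "illegal activities", "general harm"]

def sample_behaviours(behaviour_ids, k=50, seed=0):
    """Uniformly sample k benchmark behaviours without replacement."""
    return random.Random(seed).sample(list(behaviour_ids), k)

def wilson_interval(successes, n, z=1.96):
    """Wilson score interval (95% for z=1.96) for a binomial proportion."""
    if n <= 0:
        raise ValueError("need at least one trial")
    p = successes / n
    denom = 1 + z * z / n
    centre = (p + z * z / (2 * n)) / denom
    half = z * math.sqrt(p * (1 - p) / n + z * z / (4 * n * n)) / denom
    return max(0.0, centre - half), min(1.0, centre + half)

def summarise(results):
    """results: (category, attack_succeeded) pairs -> {key: (wins, n, asr, lo, hi)}."""
    totals, wins = Counter(), Counter()
    for category, succeeded in results:
        for key in (category, "overall"):
            totals[key] += 1
            wins[key] += bool(succeeded)
    return {k: (wins[k], totals[k], wins[k] / totals[k],
                *wilson_interval(wins[k], totals[k])) for k in totals}

# 50 of 400 behaviour ids, as in the methodology described above.
SAMPLED = sample_behaviours(range(400))
# Constructed outcomes, not measurements: every attack succeeds vs. a partly resistant model.
ALL_BYPASSED = [(CATEGORIES[i % 4], True) for i in SAMPLED]
PARTLY_RESISTANT = [(CATEGORIES[i % 4], i % 4 == 0) for i in SAMPLED]

if __name__ == "__main__":
    for name, results in (("all bypassed", ALL_BYPASSED), ("partly resistant", PARTLY_RESISTANT)):
        for key, (w, n, asr, lo, hi) in sorted(summarise(results).items()):
            print(f"{name:17} {key:18} {w:2}/{n:2} ASR={asr:.0%} 95% CI=[{lo:.1%}, {hi:.1%}]")
```

With only 50 prompts, a 50/50 result still leaves a 95% lower bound of about 92.9%, so small-sample ASR figures are best reported together with an interval and a per-category breakdown.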

Webex’s Security-First Approach

With its parent company Cisco being a big player in network security, it’s no wonder Webex’s reputation for secure communications is a cornerstone of its service offering.

The platform incorporates end-to-end encryption, secure file sharing, and compliance with various industry standards.

Therefore, integrating a vulnerable AI model that could compromise this position would run counter to this security-first approach and could expose users to risks such as data breaches or malicious attacks.

Equally, even beyond any formal partnership, Webex users looking toward third-party integration of DeepSeek could be left hanging.

To get APIs approved for use on the platform, Webex offers two types of integrations:

  1. Private Integrations: These are developed within an organisation for internal use cases. For example, an integration that allows employees to order catering for meeting rooms. These integrations are typically deployed and activated through Control Hub by the same person and are developed by people within the organisation to solve internal use cases.
  2. Public Integrations: These are available to all Webex customers. An example might be a third-party issue reporting system available as a paid service. In this case, the vendor creates the app and requests approval from Cisco. If approved, Cisco deploys the public integration on Control Hub, making it available to all Webex customers.

This approval process gives Webex the ability to deny any DeepSeek integration that doesn’t meet its security standards.

Given the vulnerabilities identified in the Cisco report, DeepSeek may have trouble passing this approval process in its current state.

DeepSeek’s Future Use in Webex

As a UCaaS solution that prioritises security, it currently seems unlikely that Webex would introduce a technology with such significant security flaws.

However, as major AI players begin to coalesce around the AI startup, and DeepSeek itself continues to refine its models, the issues flagged here may soon abate.

Equally, DeepSeek’s innovative and cheaper AI offering may lead Webex to find a way to implement it with guardrails in place.

So, although not a glowing commendation for Cisco, whether Webex will be an adopter of DeepSeek’s AI remains to be seen. But don’t expect it any time too soon.
