Friday, September 6, 2024

"CIA looks to cloud computing for access to AI"

Are they trying to get hacked? You'd think that if anyone was all about the everything-in-house, off-line, old-school, air-gapped approach referenced in August's "The AI scams infiltrating the knitting and crochet world - and how to spot them" it would be the spook shop.

From Datacenter Dynamics, September 5:

Agency working with cloud providers for its push with AI

The Central Intelligence Agency (CIA) is looking to cloud service providers to help it get access to artificial intelligence (AI) capabilities.

The agency is keen to adopt AI into its cloud environment, but is constrained by the computing power needed to support large language models, reports NextGov.

As a result, the agency is turning to its cloud services vehicle, said Larry Taxson, chief of CloudWorks in the CIA's Directorate of Digital Innovation during a webinar.

CloudWorks helps intelligence partners access cloud services via the CIA's C2E contract which was awarded to Amazon Web Services (AWS), Microsoft, IBM, Google, and Oracle in 2020. Under the award, each company will be able to compete for specific task orders at various classification levels for the CIA and the 16 other agencies in the intelligence community.

Taxson said that the CIA is trying "to get modern capabilities in the hand of mission partners as soon as we can.”

Taxson added that the agency is working closely with the five cloud providers "to see how we can get commercial [large language models] up into our high-side environments, hopefully by the end of this year or early next year.”

According to Taxson, the CIA has a lot of GPU capacity available via the C2E, but the agency doesn't intend to "suck the whole Internet up." It is also exploring the possibility of small language models for niche topic areas, and will consider what compute capacity it actually needs for that.

“The last thing we want to do is keep pushing our [cloud service providers] to give us all these capabilities and then they stay dormant that nobody uses them,” Taxson said.

In May 2024, Bloomberg reported that the CIA was using a Microsoft generative AI model that was "air-gapped" from the Internet. According to the report, this was the first time a major large language model had operated fully separated from the Internet and was the result of 18 months of work....

....MORE

This week's "US intelligence agencies seek closer partnerships with private sector" also referenced going completely off-line. Although, granted, even that is probably not enough to keep the North Koreans (and others) out of what are supposed to be sanctum sanctorums:

...Just ten years ago the neo-Luddite approach was easier than it is today when even air-gapped servers with zero connections to the web can be monitored.
We mentioned this in the introduction to 2018's "Science Academies Urge Paper Ballots for all US Elections": 
Following on the MIT Technology Review piece immediately below.

Back in the dark ages, 2010 or so, the gold standard of network security was physically isolating a computer from any other and from intranets and internets, so called air-gapping.
Sweet innocent days gone by.
Over the last five or ten years that ultimate security approach, a literal air-gap surrounding the target computer, has been beaten with at least a half-dozen different approaches.
So the advice in the piece below is already behind the times if the polling place is relaying voting numbers over the internet but at least it is a start.

Seriously, we used to say the only secure computer was one not connected to the internet, ha!....

 Last seen in 2022's "The Era of Borderless Data Is Ending".