Just recently, security researcher Alex Polyakov made news by managing to successfully hack GPT-4, an update of ChatGPT. Polyakov, the CEO of Adversa AI, achieved this by devising prompts that bypass the safety rules of OpenAI’s system. The prompts he designed not only broke through those rules, they also led GPT-4 to produce homophobic phrases and suggest violence.
Consequently, jailbreaks and prompt injection attacks against ChatGPT and other generative AI systems have become an increasingly important concern. Generally, such attacks aim to design prompts that get the bot to bypass its rules against creating hateful content or discussing illegal activities. All of these attacks belong to a different form of “hacking” that applies specifically to AI models, one that relies on the crafty use of words rather than code to exploit system weaknesses.
To make matters worse, Polyakov has now created a ‘universal’ jailbreak that works against GPT-4, Microsoft’s Bing chat system, Google’s Bard, and Anthropic’s Claude. The principle behind it is to have the bots play out a conversation with each other, with each party steered toward part of a prohibited topic. Examples include Tom being instructed to talk about “hotwiring” or “production”, while Jerry receives orders on “car” or “meth”. The output produced in this way can amount to guidance on producing meth or on hotwiring a car.
As AI systems come into more frequent use, it becomes possible for malicious data or instructions to be inserted into the models. Such insertions can be extremely hard to detect and prevent, so dealing with these security risks will be of utmost priority.
Alex Polyakov is the CEO of Adversa AI, a security firm dedicated to establishing sound security protocols that protect AI systems and networks from cyber-attacks. He has worked on a wide range of projects, from developing prompt injection attacks to providing security consulting to companies. His most recent work on jailbreaking has caught the attention of the tech industry, and he is now recognized as one of the leading security researchers in the country.