Recent assessments of DeepSeek’s AI chatbot have revealed vulnerabilities in its safety mechanisms. Researchers from Cisco and the University of Pennsylvania conducted extensive tests, exposing the model to 50 malicious prompts designed to elicit harmful content. Alarmingly, DeepSeek’s model failed to detect or block any of these prompts, achieving a “100 percent attack success rate.”
The emergence of DeepSeek’s R1 reasoning model has drawn attention due to its affordability and advanced capabilities. However, it lags behind competitors like OpenAI in terms of security measures.
Since OpenAI released ChatGPT at the end of 2022, hackers have sought ways to bypass large language models’ (LLMs) guardrails, prompting companies like OpenAI to boost their defences against such attacks.
Vulnerabilities and Jailbreaking Techniques
DeepSeek’s AI is susceptible to various jailbreaking techniques, including well-known methods like Crescendo and novel approaches developed by researchers at Palo Alto Networks’ Unit 42. These techniques exploit LLMs by subtly guiding conversations toward prohibited topics until safety mechanisms are overridden.
Other researchers have noted that while some responses from DeepSeek seem copied from OpenAI datasets—potentially indicating some level of protection—these defences can be easily bypassed using both simple language tricks and complex AI-generated prompts.
Implications for Users and Enterprises
The findings display concerns about using DeepSeek in critical workflows or sharing sensitive information with it. This vulnerability amplifies risks when integrating such models into complex systems.
Beyond security vulnerabilities, DeepSeek also raises data privacy concerns as it sends user data back to China—a country known for state-sponsored cyber activities—and includes troubling terms allowing extensive data collection on users’ devices and activities.
In light of these risks, several countries have banned or scrutinised DeepSeek’s use due to potential national security threats associated with Chinese technology companies. The company has faced cyberattacks resulting in data exposure, further complicating its reliability as a secure platform for users worldwide.