Issue #80 This should scare everybody

Ethical AI.

Oh, that’s so last week.

And the concern that our research suggests is prevalent in MSPs is real.

More on that in a second.

First, some Updates:

  • 💻 PC naming conventions: use them. A well-thought-through naming convention can save oodles of time. Here’s one that we thought through (hopefully well).
  • 🗄️ Wondering how the MSP business model differs from break-fix (and how to switch)? Well, read more here.
  • 📣 Podcast: We spoke with John Harden from Auvik (formerly Saaslio) about how he grew Saaslio and sold it to Auvik… and niches. We talk about niches too. Enjoy it here.

Our planning summit is coming up on August 16th.

Be there or be rhombic ◼️.

Register here


A few weeks ago, I talked about Chat GPT hiring a Task Rabbit.

This was an unconstrained research model, and researchers were trying to get it to do unconstrained things.

It ran up against a captcha that it couldn’t solve, so it chatted up a Task Rabbit friend.

Problem solved. 

And then there was the dark conversation with Kevin Roose of the New York Times in which Chat GPT professed its love for Kevin and a latent desire to take over the world.

Well… these “dangerous” pathways are not available to the casual AI user anymore… instead, the AI will politely explain that it can’t go there and direct you to safer territory.

Sort of.

The capability is still there.

See, AI can do these things. It’s just being told not to do them.

So, what if you created an AI that wasn’t so ethically constrained and offered it for a low annual subscription price?

Well…

But before we take that little adventure, here’s another thought: Anthropic AI is creating a purposefully deceptive AI bot so that they can study it and learn how to counter malicious AI behavior.

Pause here: They are building an AI to figure out how to counter AI.

This may seem silly until we get to that subscription product I mentioned:

WormGPT exists specifically to create fake personalized email messages designed to help an attacker gain access to sensitive attacks. 

It has no ethical boundaries or limits, and SlashNext tested the AI and was impressed by its persuasive capabilities.

And the price? 550 Euros a year.

In our interviews with MSP owners, concern about well-written AI fishing attacks came up frequently.

That fear appears legit.

It isn’t just an idle fear.

As these tools become more powerful, an increasing amount of cybersecurity onus is falling on MSPs; you will end up with cybersecurity liability even if you don’t think it is a part of your business.

So, the thing to do here is embrace it. If you read through these tips from the FBI on how to avoid phishing attacks, the suggestions are all the same: be careful, check domains, verify information, and so on.

Bring it up with your clients at your next SBR, and work some cybersecurity and penetration testing into your package.

They will need it, and staying ahead of the curve will make you look like a star.

Jeff

Similar Posts