Mitigating Cyber Risk in the Age of Open-Weight LLMs: Policy Gaps and Technical Realities
Alfonso de Gregorio

TL;DR
This paper examines cybersecurity risks posed by open-weight general-purpose AI models, highlighting regulatory gaps and proposing targeted policy and technical strategies to mitigate threats while supporting innovation.
Contribution
It identifies specific cyber threats from open-weight models, critiques current regulations, and suggests focused risk evaluation and international collaboration as solutions.
Findings
Open-weight models enable scalable cyberattacks.
Current regulations are insufficient for open AI risks.
Proposed focus on high-risk capabilities enhances security.
Abstract
Open-weight general-purpose AI (GPAI) models offer significant benefits but also introduce substantial cybersecurity risks, as demonstrated by the offensive capabilities of models like DeepSeek-R1 in evaluations such as MITRE's OCCULT. These publicly available models empower a wider range of actors to automate and scale cyberattacks, challenging traditional defence paradigms and regulatory approaches. This paper analyzes the specific threats -- including accelerated malware development and enhanced social engineering -- magnified by open-weight AI release. We critically assess current regulations, notably the EU AI Act and the GPAI Code of Practice, identifying significant gaps stemming from the loss of control inherent in open distribution, which renders many standard security mitigations ineffective. We propose a path forward focusing on evaluating and controlling specific high-risk…
