DeepSeek: Revolutionary AI, Or The “Sputnik” Of Big Tech?

Uploaded on 2025-02-19 in TECHNOLOGY-Key Areas-Artificial Intelligence, FREE TO VIEW

Brought to you by CYRIN

DeepSeek: Revolutionary AI, or the “Sputnik” of Big Tech?

The launch of DeepSeek’s R1 - a stunningly advanced open-sourced AI model from China has rocked the U.S. stock market, the tech market, and has ramifications for the cybersecurity market as well.

Origins Of DeepSeek

In late 2023, Liang Wenfeng, a 40-year-old former hedge fund manager with a degree in AI and a so-called “serial entrepreneur,” founded DeepSeek as a “side project,” after cofounding a wildly successful investment firm — High-Flyer - that used AI to devise trading strategies. As reported in Channel News Asia, under Wenfeng’s leadership, the company grew its assets more than tenfold over a four-year span - from 1 billion yuan (US$138 million) in 2016 to more than 10 billion yuan by 2019, according to official information provided. It also reportedly bought more than 10,000 Nvidia graphics processing units before U.S. AI chip sanctions on China kicked in. Currently, DeepSeek operates as an independent AI research lab under the umbrella of High-Flyer.

Technical Impact

DeepSeek’s R1 Large Language Model (LLM) looks to be a powerful tool that has not only outpaced expectations but appears to be built at a fraction of the cost when compared to other vendors and their development costs. DeepSeek is also providing its R1 models under an open-source license, enabling free use.

DeepSeek’s low-cost AI model grabbed everyone’s attention when it stated in a paper that training its DeepSeek-V3 model (DeepSeek-V3 is the default model, while R1 is a powerful reasoning model) required less than $6 million in computing power using the lower-capability Nvidia H800 chips. This could make it 20 to 50 times more affordable to use than OpenAI's o1 model, depending on the task, according to a post on DeepSeek's official WeChat account.

Even Sam Altman, CEO of OpenAI, speaking on X called “DeepSeek's r1 an impressive model, particularly around what they’re able to deliver for the price.”

Economic Impact

If DeepSeek is truly more cost effective to build and run than current models of U.S. origin, it would represent a seismic shift in the world of open AI technology. The launch of DeepSeek challenges the assumption that the U.S. will lead the way in AI as it did in the expansion of the internet and development of the personal computer. Just as the U.S. fell behind Russia in the Space Race, DeepSeek has companies and industries scrambling for strategies that will avoid a “Sputnik” situation in the world of AI and big tech.

Just prior to DeepSeek’s announcement, the U.S. announced its ambitious Stargate project, looking to invest $500 billion in developing U.S. AI infrastructure over the next four years.

On the other side of the globe, DeepSeek presents a stark contrast with its cost-effective approach. Despite its significantly smaller budget of just $5.6 million, DeepSeek has achieved comparable performance outputs to much larger and more expensive projects.

The impact was significant. “Within days of its release, the DeepSeek AI assistant - a mobile app that provides a chatbot interface for DeepSeek-R1 -  hit the top of Apple’s App Store chart, outranking OpenAI's ChatGPT mobile app.”

This shift rattled markets, driving down the stock prices of major US firms and forcing a reassessment of AI dominance. Nvidia, whose business depends on supplying high-performance processors, appears particularly vulnerable as DeepSeek’s cost-effective approach threatens to reduce demand for premium chips. On Jan. 27, “the Nasdaq Composite dropped by 3.4% at the market opening, with Nvidia declining by 17% (it has recovered in recent days but it’s still off its year-long high) and losing approximately $600 billion in market capitalization.”

How Was It Done With Less Money?

As DeepSeek engineers detailed in a research paper published just after Christmas, the startup used several technological tricks to significantly reduce the cost of building its system. These “tricks” included a method called “mixture of experts,” to significantly reduce the cost of building the technology.

Cyber Problems For Business?

DeepSeek has been heralded by many, but according to some reports, including recent testing as reported in Dark Reading, organizations might want to think twice before using the Chinese generative AI (GenAI) DeepSeek in business applications, after it failed a barrage of 6,400 security tests that demonstrate a widespread lack of guardrails in the model. That's according to researchers at AppSOC, who conducted rigorous testing on a version of the DeepSeek-R1 large language model. Their results showed the model failed in multiple critical areas, including succumbing to jailbreaking, prompt injection, malware generation, supply chain, and toxicity. Failure rates ranged between 19.2% and 98%. According to Mali Gorantla, co-founder and chief scientist at AppSOC, "For most enterprise applications, failure rates about 2% are considered unacceptable. Our recommendation would be to block usage of this model for any business-related AI use."

Security Week reported that DeepSeek experienced a massive cyberattack just as researchers have started finding vulnerabilities in the company’s R1 model. DeepSeek said its servers were compromised in a series of attacks that prevented new users from registering, although registered users were not impacted.

Sensitive Data In The Wild

For casual users, such as those downloading the DeepSeek app from app stores, the potential risks and harms remain high. Tests have shown that, compared to other U.S. AI models, it is relatively easy to bypass DeepSeek’s guardrails to write code to help hackers exfiltrate data, send phishing emails and optimize social engineering attacks, according to cybersecurity firm Palo Alto Networks. Other reports indicated that DeepSeek-R1 is four times more likely to “write malware and other insecure code than OpenAI's o1.”

A senior AI researcher from Cisco commented that DeepSeek’s low-cost development may have overlooked its safety and security during the process.

There is no question that DeepSeek marks a sea change in the race to lead the AI world, with U.S. companies scrambling to stay innovative and effective in this ever-changing landscape. No doubt cybersecurity will be a growing concern as DeepSeek is adopted and other open AI systems enter the competitive field.

CYRIN’s Capabilities

At CYRIN, we understand AI and its cybersecurity implications. We continue to work with our industry partners to address major challenges such as the use of new paradigms like AI and zero trust. We set up realistic scenarios that allow them to train their teams and prepare new hires for the threats they will face. Government agencies have been using CYRIN for years, training their front-line specialists on the real threats faced on their ever-expanding risk surface.

For educators, we consistently work with colleges and universities both large and small to create realistic training to meet the environment students will encounter when they graduate and enter the workforce, including being at the forefront of new and future uses of cybersecurity.

Unless you get the “hands-on” feel for the tools and attacks and train on these real-world scenarios, you just won’t be prepared for when the inevitable happens. The best time to plan and prepare is before the attack. Our training platform teaches fundamental solutions that integrate actual cyber tools from CYRIN’s labs that allow you to practice 24/7, in the cloud, with no special software required.

Cyber is a team effort; to see what our team can do for you take a look at our course catalog, or better yet, contact us for further information and your personalized demonstration of CYRIN. Take a test drive and see for yourself! 

Image: Ideogram

Watch CYRIN: The Next-Generation Cyber Range

Learn More About How CYRIN Online Training Can Benefit You

You Might Also Read: 

Salt Typhoon - The Chinese Telecom Hack:  

If you like this website and use the comprehensive7,000-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

 

 

« TikTok Returns To US App Stores
British Agencies Target Russian Cyber Crime Network »

CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

Radiant Logic

Radiant Logic

Radiant Logic is a market-leading provider of federated identity solutions based on virtualization, and delivers simple, logical, and standards-based access to all identities within an organization.

Copper Horse Solutions

Copper Horse Solutions

Copper Horse specialises in mobile and IoT security, engineering solutions throughout the product lifecycle from requirements to product security investigations.

National Cybersecurity and Communications Integration Center (NCCIC) - USA

National Cybersecurity and Communications Integration Center (NCCIC) - USA

NCCIC is a cyber situational awareness, incident response, and management center for the US Government, intelligence community, and law enforcement.

ClearDATA

ClearDATA

The ClearDATA Managed Cloud protects sensitive healthcare data using purpose-built DevOps automation, compliance and security safeguards, and healthcare expertise.

Centurion Information Security

Centurion Information Security

Centurion Information Security is a consulting firm based in Singapore that specialises in penetration testing and security assessment services.

Think Cyber Security (ThinkCyber)

Think Cyber Security (ThinkCyber)

ThinkCyber is a Tel Aviv-based Israeli company with a team of cybersecurity professionals who are experts in both information and operations technology.

limes datentechnik

limes datentechnik

limes datentechnik is an authority in the fields of cryptography and data compression. The FLAM product family is an internationally accepted standard for efficient and safe handling of data.

Bloc Ventures

Bloc Ventures

Bloc Ventures is an investment company providing long-term, ‘patient’ equity capital to early stage unquoted deep technology companies.

InfoSystems Inc

InfoSystems Inc

InfoSystems provides reliable IT solutions to build and maintain strong and secure systems for both SMB and enterprise organizations.

Aware

Aware

Aware is the only comprehensive AI solution for governance, risk, compliance and insights for leading collaboration platforms.

Vanta

Vanta

Vanta helps companies scale security practices and automate compliance for the industry’s most sought after standards - SOC 2, ISO 27001, HIPAA, GDPR, and other security and privacy frameworks.

Lineaje

Lineaje

Lineaje solves critical Software Supply Chain security problems faced by every organization that builds, uses or sells software.

Lakera

Lakera

Lakera empowers developers and organizations to build GenAI applications without worrying about AI security risks.

DART Consulting & Training

DART Consulting & Training

DART is a leading cyber training and consultancy company. We enhance our clients’ cyber capabilities by growing and strengthening their frontline defense – the cyber teams.

Cloudbrink

Cloudbrink

Cloudbrink is purpose-built to deliver the industry’s highest performance connectivity to remote and hybrid workers, anywhere in the world.

Crisis24

Crisis24

Crisis24 is a leading integrated risk management, crisis response, consulting, and global protective solutions firm.