Google has announced a significant expansion of its Vulnerability Rewards Program (VRP) to incentivize researchers to identify attack scenarios specifically targeting generative artificial intelligence systems. This initiative is part of a broader effort to enhance safety and security frameworks surrounding AI technologies.
According to Google representatives Laurie Richardson and Royal Hansen, generative AI introduces unique challenges that differ from traditional cyber threats. Key concerns include unfair biases, potential for model manipulation, and misinterpretation of data, often referred to as “hallucinations.” These factors necessitate a specialized approach to cybersecurity for AI systems.
The updated VRP will cover a variety of attack vectors, including prompt injections, the inadvertent exposure of sensitive data from training datasets, model manipulation techniques, adversarial perturbation attacks that can provoke misclassification, and even the theft of models. By broadening the scope of its rewards program, Google aims to actively engage the security research community in fortifying AI systems against evolving threats.
Earlier this year, Google also launched an AI Red Team dedicated to addressing potential threats to AI systems as part of its Secure AI Framework (SAIF). By establishing this proactive team, Google aims to better understand and mitigate risks associated with AI vulnerabilities.
In addition to enhancing the VRP, Google is focusing on strengthening the AI supply chain through open-source security initiatives. This includes collaboration on established frameworks such as Supply Chain Levels for Software Artifacts (SLSA) and Sigstore, which enhance the transparency and security of software development practices.
Google’s emphasis on digital signatures, such as those produced with Sigstore, lets users verify the integrity of software and confirm it has not been tampered with or replaced. Metadata such as SLSA provenance additionally records how and from what a piece of software was built, allowing organizations to verify license compliance, pinpoint vulnerable components, and detect advanced supply-chain threats more effectively.
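As an added example (not from the announcement or from Google's own tooling), the following Python shows the checks a consumer performs on a SLSA v1 provenance statement once its signature has been verified: the downloaded artifact's digest must appear among the statement's subjects, and the builder must be on an allowlist. The artifact, statement and builder URLs are constructed placeholders.

```python
import hashlib
import json

SLSA_PROVENANCE_V1 = "https://slsa.dev/provenance/v1"

# Constructed sample artifact and the provenance statement describing it.
# Real provenance arrives inside a signed DSSE envelope; verifying that
# signature (e.g. with Sigstore tooling) is assumed to have happened already.
ARTIFACT = b"#!/bin/sh\necho 'example release binary'\n"
STATEMENT = json.dumps({
    "_type": "https://in-toto.io/Statement/v1",
    "subject": [{"name": "release.sh",
                 "digest": {"sha256": hashlib.sha256(ARTIFACT).hexdigest()}}],
    "predicateType": SLSA_PROVENANCE_V1,
    "predicate": {
        "buildDefinition": {
            "buildType": "https://example.invalid/build-type/v1",  # placeholder
            "externalParameters": {"source": "https://example.invalid/repo"},
        },
        "runDetails": {"builder": {"id": "https://example.invalid/builder/v1"}},
    },
})
TRUSTED_BUILDERS = {"https://example.invalid/builder/v1"}  # placeholder allowlist


def verify_provenance(statement_json: str, artifact: bytes,
                      trusted_builders: set) -> tuple:
    """Check that a SLSA v1 provenance statement vouches for this exact artifact."""
    stmt = json.loads(statement_json)
    if stmt.get("predicateType") != SLSA_PROVENANCE_V1:
        return False, "unexpected predicateType"
    # The artifact must be one of the subjects, matched by its sha256 digest.
    actual = hashlib.sha256(artifact).hexdigest()
    subjects = {s.get("digest", {}).get("sha256") for s in stmt.get("subject", [])}
    if actual not in subjects:
        return False, "artifact digest not among provenance subjects"
    # Only builds attested by a builder we trust count as provenance.
    builder = (stmt.get("predicate", {}).get("runDetails", {})
               .get("builder", {}).get("id"))
    if builder not in trusted_builders:
        return False, f"untrusted builder {builder!r}"
    return True, "ok"


if __name__ == "__main__":
    print(verify_provenance(STATEMENT, ARTIFACT, TRUSTED_BUILDERS))
```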
This initiative coincides with OpenAI’s establishment of a new Preparedness team, tasked with monitoring and evaluating a range of catastrophic risks associated with generative AI. These include cybersecurity threats as well as chemical, biological, radiological, and nuclear risks.
Furthermore, Google, along with OpenAI, Anthropic, and Microsoft, has launched a collaborative $10 million AI Safety Fund aimed at fostering research in AI safety, underscoring a collective commitment to addressing the risks tied to advanced artificial intelligence technologies.