MOSCOW, April 7Attackers can use the neural networks used by companies to steal personal and corporate data, as well as hack security systems, so they need to audit information security, said Konstantin Romanov, director of artificial intelligence and digital products at Beeline.
«A neural network can potentially be used to steal personal and corporate data. It can process huge amounts of data and extract information from them, including confidential information. There is a possibility of using neural networks to hack security systems and access protected data,» — he declared.
According to the expert, data leakage can have serious consequences — for example, the theft of personal funds and identification data, espionage and other illegal activities. Moreover, the data can get not only to scammers, but also to foreign intelligence services. In addition, a leak can lead to a loss of customer confidence in the company.
“Companies that implement neural networks in their processes need to conduct an information security audit to make sure that data leakage is impossible or mitigated,” Romanov emphasized.
He also recalled cases when services using neural networks collected user data, which caused their concern. One of them is the FaceApp photo editing scandal in 2019. Users uploaded photos to the program, they were processed and stored on the company's servers along with various data, including the location of the device, IP address, device ID and other personal information.
After that, according to the expert, users were concerned that the stored data could be used without their knowledge not only for advertising purposes, but also for surveillance.
Another example is Google Photos, a photo storage and processing service that uses neural networks to automatically process data and create albums. «In 2019, Google admitted that several thousand users may have been affected by a software bug that caused some photos to be incorrectly uploaded to the company's servers. As a result, there were concerns that these photos could be used for marketing purposes or even for espionage purposes,» Romanov concluded.