McKinsey rushes to fix AI system after hacker exposes flaws - FT中文网
登录×
电子邮件/用户名
密码
记住我
请输入邮箱和密码进行绑定操作:
请输入手机号码,通过短信验证(目前仅支持中国大陆地区的手机号):
请您阅读我们的用户注册协议隐私权保护政策,点击下方按钮即视为您接受。
人工智能

McKinsey rushes to fix AI system after hacker exposes flaws

Consultancy says it has found ‘no evidence’ that confidential client information was compromised
00:00

{"text":[[{"start":10.74,"text":"McKinsey has rushed to fix flaws in an in-house AI system after hackers gained access to millions of its internal messages and were able to identify sensitive files."}],[{"start":22.73,"text":"CodeWall, a cyber security firm, said this week that it had hacked Lilli, McKinsey’s AI platform used by its 40,000 staff, and found millions of files and communications within two hours."}],[{"start":37.41,"text":"It said it had gained access to 46.5mn chat messages on the system, which is used by McKinsey staff to plan strategy, analyse data and create project plans and presentations for clients. "}],[{"start":53.01,"text":"The hack underscores the risks that come with the rapid adoption of AI and is potentially embarrassing for McKinsey at a time when it is pitching for work advising blue-chip companies on how to use the technology. The consultancy has touted its AI tools as evidence that it is at the forefront of adopting the technology. "}],[{"start":76.91,"text":"CodeWall, which aims to find cyber security flaws in companies’ systems so they can fix them, said it had used its own AI agent to carry out the hack. “Within 2 hours, the agent had full read and write access to the entire production database,” CodeWall said on its website. "}],[{"start":96.35,"text":"It also claimed to have accessed a list of 728,000 “sensitive” file names, including Excel spreadsheets, PowerPoint decks and Word documents. A person close to McKinsey said that the files themselves were stored separately and were “never at risk”."}],[{"start":115.83999999999999,"text":"CodeWall, whose founder Paul Price said he was the group’s only employee, says it focuses on companies such as McKinsey that have published guidelines on how ethical hackers should probe their systems for cyber security flaws. "}],[{"start":130.57,"text":"In this case, the AI agent automatically stopped attempting to access files and reported the security issues once they were discovered, CodeWall said. "}],[{"start":141.57,"text":"The cyber security firm said it had gained access to 57,000 user accounts, 384,000 AI assistants and 94,000 workspaces, which it called “the full organisational structure of how the firm uses AI internally” and the “firm’s intellectual crown jewels”. "}],[{"start":162.47,"text":"Lilli’s system prompts and AI model configurations were also laid bare during the hack, CodeWall said, “revealing exactly how the AI was instructed to behave [and] what guardrails existed”. "}],[{"start":176.47,"text":"McKinsey’s security team was alerted to CodeWall’s findings at the end of February, according to the person close to the consultancy. McKinsey patched the holes identified and took offline its development environment, an online area for testing code, within hours, the person added. "}],[{"start":194.6,"text":"CodeWall said its AI agent had itself suggested McKinsey as a target. “In the AI era, the threat landscape is shifting drastically — AI agents autonomously selecting and attacking targets will become the new normal,” the company said. "}],[{"start":213.59,"text":"McKinsey said it was “recently alerted to a vulnerability related to our internal AI tool, Lilli, by a security researcher. We promptly confirmed the vulnerability and fixed the issue within hours”. "}],[{"start":228.87,"text":"It added: “Our investigation, supported by a leading third-party forensics firm, identified no evidence that client data or client confidential information were accessed by this researcher or any other unauthorized third party."}],[{"start":244.02,"text":"“McKinsey’s cyber security systems are robust, and we have no higher priority than the protection of client data and information that we have been entrusted with.” "}],[{"start":254.21,"text":"McKinsey claimed last year that consulting on AI and related technology accounted for 40 per cent of its revenue, and this year its chief executive said it has built 25,000 AI “agents” to support its 40,000-strong workforce."}],[{"start":280.52,"text":""}]],"url":"https://audio.ftcn.net.cn/album/a_1773366586_9543.mp3"}

版权声明:本文版权归FT中文网所有,未经允许任何单位或个人不得转载,复制或以任何其他方式使用本文全部或部分,侵权必究。

霍尔木兹海峡的惊险竞速

敢于走靠近阿曼海岸航线的船只,将面临伊朗导弹更高的风险。

“热带夜”正侵袭欧洲

极端气温增幅最大的时段并非白天。

埃尔林•哈兰德:在世界杯大杀四方的维京巨星

这名前锋通过研读科学论文来优化身体状态,对球迷和对手都热情拥抱,并将挪威一路带进了四分之一决赛。

心理健康究竟怎么了?

更改术语有可能误导决策者,并伤害最需要帮助的人。

Jersey Mike上市,试图借SpaceX魔力为三明治增色

这家三明治连锁店的上市将考验投资者对一个因消费者支出忧虑而承压行业的兴趣。

畅享旅行无须大破荷包

我最难忘的旅行回忆之一,花费还不到100欧元。
设置字号×
最小
较小
默认
较大
最大
分享×