DeepSeek Security Breach Exposes AI Vulnerabilities and Sparks Cyberattacks

China's latest generative AI, DeepSeek, has been the subject of intense cybersecurity scrutiny since its launch. Security researchers recently exposed a system prompt jailbreak that revealed the model's inner workings. Meanwhile, DeepSeek has also faced waves of DDoS attacks, forcing it to restrict new user registrations. These incidents highlight both the security risks of AI models and the increasing sophistication of cyberattacks targeting AI services.

DeepSeek’s System Prompt Jailbreak: What Researchers Discovered

Shortly after DeepSeek's debut, researchers at API security firm Wallarm found a jailbreak vulnerability that exposed the AI model's full system prompt. This type of security flaw is particularly concerning because an AI’s system prompt dictates its behavior, response limitations, and content moderation policies. Most AI developers, including OpenAI with ChatGPT, take strict measures to prevent such leaks.

Wallarm stated in a February 1 blog post that its jailbreak method exploited bias-based AI response logic, though the company withheld specific technical details due to responsible disclosure policies. DeepSeek was notified of the issue and has since deployed a fix. However, Wallarm did publish the full system prompt text, allowing security experts to analyze DeepSeek’s operational framework.

This revelation sparked discussions about:

• AI privacy measures and how effectively DeepSeek protects user data.
• Potential biases in DeepSeek’s training, especially considering claims that it may have used OpenAI data for training.
• Regulatory constraints that could influence how the AI model operates, particularly in China, where AI content is tightly controlled.

To investigate potential OpenAI influence, Wallarm compared DeepSeek's system prompt to ChatGPT’s. According to ChatGPT’s analysis, DeepSeek's responses align with stricter compliance measures, whereas OpenAI's approach is more flexible and user-centric.

DDoS Attacks on DeepSeek: A Coordinated Cyber Assault

As DeepSeek's popularity grew, it became the target of large-scale distributed denial-of-service (DDoS) attacks. The company announced that it had to block new user registrations due to the overwhelming volume of attacks.

According to NSFocus, a cybersecurity firm monitoring the attacks, DeepSeek faced three major waves of DDoS attacks targeting its API interface on January 25, 26, and 27. Each attack lasted about 35 minutes, severely impacting DeepSeek’s platform. By January 28, the API interface was still unavailable due to ongoing disruptions.

The DeepSeek chat system was also attacked, with DDoS strikes observed on January 20 and 25, each lasting about an hour.

DDoS Attack Methods

NSFocus identified multiple reflection-based attack techniques, including:

• NTP reflection attacks – Exploiting Network Time Protocol (NTP) servers to amplify attack traffic.
• Memcached reflection attacks – Using misconfigured Memcached servers to flood DeepSeek with massive traffic.
• SSDP reflection attacks – Targeting Simple Service Discovery Protocol (SSDP) services to overwhelm network resources.
• CLDAP reflection attacks – Leveraging Connection-less Lightweight Directory Access Protocol (CLDAP) servers to increase attack volume.

A Highly Coordinated Attack

By January 28, DeepSeek reported that attackers were adapting their methods in response to the company's mitigation efforts. The precision and coordination of these attacks led NSFocus to conclude that the perpetrators were a professional, well-organized team rather than random hackers.

“The attacker shows extremely high professionalism in every attacking step, from selecting targets to timing the attacks and controlling the intensity,” NSFocus stated.

Top attack sources included systems from the United States, the United Kingdom, and Australia, according to the cybersecurity firm’s analysis.

What This Means for AI Security

The DeepSeek incidents highlight growing cybersecurity risks in generative AI. From jailbreak vulnerabilities to targeted cyberattacks, AI services are now prime targets for both security researchers and malicious actors.

Key Takeaways:

1. AI jailbreaks remain a security challenge – Even newer AI models like DeepSeek can be reverse-engineered to expose their internal logic.
2. DDoS attacks against AI platforms are increasing – As AI services gain popularity, they attract more highly coordinated cyberattacks.
3. AI security must evolve rapidly – Developers must implement robust safeguards to prevent prompt leaks and defend against cyber threats.

As AI continues to shape the digital landscape, cybersecurity teams must stay one step ahead to ensure AI models remain secure and resilient against emerging threats.