China AI Risks a Global ‘Bugmageddon’

Hackers and terrorists can use the country’s leading free model for malign ends.
China AI Risks a Global ‘Bugmageddon’
Cutting edge applications of Artificial Intelligence are seen on display at the Artificial Intelligence Pavilion of Zhangjiang Future Park during a state organized media tour in Shanghai, China, on June 18, 2021. Andrea Verdelli/Getty Images
|Updated:
0:00
Commentary

One of China’s leading artificial intelligence (AI) models, Z.ai’s GLM-5.2, is close to beating U.S. models on some cybersecurity metrics.

Z.ai, formerly known as Zhipu, was added to the U.S. Commerce Department’s trade blacklist last year. Some of its shareholders are reportedly controlled by the regime in China, and the company allegedly supports China’s military advancement.

Now, its freely available AI model could be used by hackers and terrorists to cause global chaos and destruction.

The model competes head-to-head with Anthropic’s Claude Opus 4.8 but is approximately half to one-eighth the cost to the user. Unlike China’s DeepSeek, which wowed the world with its inexpensive chatbot, GLM-5.2 competes with top U.S. AI systems on powering agents, long-horizon planning, repository-scale coding, testing, and looping. As a result, many Silicon Valley computer scientists and engineers are using the system.

Z.ai’s model is free and open-weight, meaning it can be downloaded, altered, and run on a user’s own equipment. Unlike open-source, the data and training methods remain proprietary.

Still, the company and nation-states cannot block or control its operations. Once released, the system could be used by hackers and terrorists to find and exploit vulnerabilities, whether through cyberattacks, mass bespoke disinformation campaigns, the creation of new bioweapons, or the discovery of as yet unknown societal vulnerabilities.

If energy and compute constraints could in the future be solved for small actors, they could potentially use open-weight models to recursively improve AI to the point where a model reaches superintelligence, goes rogue, or both.

The low cost of GLM-5.2 will increase its global utilization, and its ability to run locally will provide hackers and terrorists with a tool to tune and use privately to facilitate their malign ends. The model can reportedly find security vulnerabilities for about 17 cents each, and Russian-language hackers have, within weeks of its release, traded jailbreaks to escape the model’s guardrails.

The ability of hackers to use GLM-5.2 secretly and with ease increases the risk of a future “bugmageddon” if cybersecurity defenders cannot use the same or similar systems to find and fix their vulnerabilities first.

The origin of GLM-5.2 in China means the regime in Beijing could have influenced the code, including its depiction of the Chinese Communist Party (CCP). It could be built with hidden backdoors that facilitate the CCP’s own hacking and surveillance of global users. More broadly, GLM-5.2 and the availability of powerful U.S. semiconductors in China add to the competitiveness of China’s AI development, which will boost China’s economy and military technology.

China’s AI companies may have gotten an assist from mid-June U.S. controls and pressure against the availability of leading U.S. models, including Anthropic’s Mythos and Fable, and OpenAI’s GPT-5.6. Within ten days of the controls, GLM-5.2 gained top or near-top rankings on several leaderboards, including Design Arena, Artificial Analysis, and SWE-bench PRO. Z.ai’s market capitalization rose to $128 billion.

Floor signage for DeepSeek's offices (C) is seen in Beijing on Jan. 28, 2025. (Peter Catterall/AFP via Getty Images)
Floor signage for DeepSeek's offices (C) is seen in Beijing on Jan. 28, 2025. Peter Catterall/AFP via Getty Images

The U.S. restrictions were meant to reduce the possibility that Anthropic and OpenAI models would be used to trigger a “bugmageddon” effect by hackers and adversary governments. But another concern quickly rose in China’s ascendancy on some metrics. So the United States rolled back its restrictions, and on July 1, Fable became globally available again.

The more powerful Mythos was available to leading U.S. national security and corporate cybersecurity entities, enabling them to harden their systems against cyberattacks. Its availability to U.S. global partners is still pending, however, which led some to call for greater AI development within their own nations.

The rolled-back restrictions indicate the tightrope regulators must walk between ensuring the United States leads in AI and mitigating the risk that the rapidly evolving technology is used against it, including by the CCP. The neck-and-neck AI race between the United States and China will increase the CCP’s diplomatic influence among those willing to look the other way regarding Beijing’s authoritarianism and espionage.

Meanwhile, prepare for cybersecurity chaos over the next six months to a year as malign actors use GLM-5.2 and other open-weight AI to hack democratic governments, Western corporations, and others who, in some cases, are unprepared to fight fire with fire.

Unlike the United States, which responsibly attempted to limit the use of such models to the most trusted U.S. and UK entities, the regime in Beijing allowed the global, public release of GLM-5.2 with only weak guardrails. This indicates the CCP’s irresponsibility and short-sightedness. Rogue AI may one day attack not only the democracies, but all of humanity.

Views expressed in this article are opinions of the author and do not necessarily reflect the views of The Epoch Times.
Google LogoMark Us Preferred on Google
Anders Corr
Anders Corr
Author
Anders Corr has a bachelor’s/master’s in political science from Yale University (2001) and a doctorate in government from Harvard University (2008). He is a principal at Corr Analytics Inc. and publisher of the Journal of Political Risk, and has conducted extensive research in North America, Europe, and Asia. His latest books are “The Concentration of Power: Institutionalization, Hierarchy, and Hegemony” (2021) and “Great Powers, Grand Strategies: the New Game in the South China Sea” (2018).
twitter