AI Data Poisoning Threatens National Security and Public Safety in China

The information displayed in the AIM should not be reported as representing the official views of the OECD or of its member countries.

A covert industry chain involving AI data poisoning has been exposed in China, where malicious actors inject false data and backdoors into large AI models. This manipulation leads to misinformation, disrupts markets, threatens political and data security, and endangers public safety, with risks amplified by cross-border exploitation and foreign interference. [AI generated]

Why's our monitor labelling this an incident or hazard?

The article explicitly discusses AI systems (large language models and generative AI) being targeted by malicious data poisoning attacks that degrade model performance and output false information. These attacks have already caused or are causing harms such as misinformation, political and ideological disruption, data corruption affecting decision-making, and misleading recommendations that can cause physical and financial harm to consumers. The harms fall under multiple categories including harm to communities, violation of rights, and harm to property and health. The AI system's development and use are directly implicated in these harms. Hence, this is an AI Incident rather than a hazard or complementary information. [AI generated]

AI principles
Robustness & digital security; Democracy & human autonomy

Industries
Government, security, and defence; Digital security

Affected stakeholders
Government; General public

Harm types
Public interest; Economic/Property

Severity
AI incident

AI system task:
Content generation


Articles about this incident or hazard

Mainland China's Ministry of State Security Warns of "AI Poisoning" Being Used for Ideological Infiltration

2026-04-21
UDN
Why's our monitor labelling this an incident or hazard?
The article explicitly discusses AI systems (large language models and generative AI) being targeted by malicious data poisoning attacks that degrade model performance and output false information. These attacks have already caused or are causing harms such as misinformation, political and ideological disruption, data corruption affecting decision-making, and misleading recommendations that can cause physical and financial harm to consumers. The harms fall under multiple categories including harm to communities, violation of rights, and harm to property and health. The AI system's development and use are directly implicated in these harms. Hence, this is an AI Incident rather than a hazard or complementary information.

2026-04-20
guancha.cn
Why's our monitor labelling this an incident or hazard?
The event explicitly involves AI systems (large AI models) whose training data and model parameters are maliciously poisoned, leading to degraded AI outputs that misinform users and disrupt societal and national security. The harms are direct and systemic, including misinformation, market disruption, threats to political and data security, and risks to public health and safety. The article details ongoing realized harms and the existence of a complete illicit industry chain causing these harms. Hence, it meets the criteria for an AI Incident, as the AI system's misuse and malfunction have directly and indirectly led to significant harms.

AI "Poisoning": The Harm Should Not Be Underestimated! How Can a Solid Security Barrier Be Built?

2026-04-21
news.cn
Why's our monitor labelling this an incident or hazard?
The event involves the use and development of AI systems that are being maliciously manipulated through data and model poisoning, which directly or indirectly leads to significant harms such as misinformation, political and social disruption, threats to national security, and harm to public health and safety. These harms fall under violations of rights, harm to communities, and potential injury or harm to persons. Since the harms are occurring or have occurred as a result of AI system manipulation, this qualifies as an AI Incident rather than a mere hazard or complementary information. The article's focus is on the realized and ongoing harms caused by AI data poisoning and the associated security risks, not just potential future risks or governance responses alone.

AI "Poisoning" Methods Are Covert and Easily Exploited by Foreign Forces, Ministry of State Security Discloses

2026-04-20
china.org.cn/china.com.cn(中国网)
Why's our monitor labelling this an incident or hazard?
The event involves the use and development of AI systems that are deliberately targeted by malicious data poisoning attacks, which directly or indirectly cause harm to communities, national security, and individuals' health and property. The harms described include misinformation campaigns, political destabilization, economic disruption, and risks to public safety, all linked to AI system manipulation. Since these harms are occurring or have occurred as a result of AI system misuse, this qualifies as an AI Incident. The article also discusses governance responses, but the primary focus is on the realized harms from AI data poisoning.

AI "Poisoning" Methods Are Covert and Easily Exploited by Foreign Forces, Ministry of State Security Discloses - 21经济网

2026-04-21
21jingji.com
Why's our monitor labelling this an incident or hazard?
The event involves AI systems explicitly, specifically AI large language models and generative AI models that are being targeted by malicious data poisoning attacks. These attacks directly or indirectly lead to significant harms: misinformation and political destabilization (harm to communities and violation of rights), economic disruption, and risks to health and property through false AI recommendations. The article reports that these harms are occurring and pose systemic, long-term threats, thus constituting an AI Incident. The detailed description of harms and ongoing impacts confirms this classification rather than a mere potential risk or complementary information.

07:09 Polluted Data, Manipulated Rankings: The AI You Trust May Already Have Been "Poisoned"!

2026-04-20
每日经济新闻
Why's our monitor labelling this an incident or hazard?
The event involves AI systems explicitly, focusing on their development and use phases where malicious data and model manipulations directly degrade AI performance and outputs. The harms described include violations of market order, consumer rights, political and social stability, and national security, all of which fall under the defined categories of AI Incident harms (a, c, d). Since the harms are ongoing and systemic, and the AI systems' compromised outputs have directly led to these harms, this qualifies as an AI Incident rather than a hazard or complementary information. The article is a security advisory highlighting realized harms and risks, not merely potential or background information.

AI "Poisoning" Methods Are Covert and Easily Exploited by Foreign Forces, Ministry of State Security Discloses

2026-04-20
东方财富网
Why's our monitor labelling this an incident or hazard?
The event involves AI systems explicitly, focusing on their development and use phases where malicious actors inject poisoned data or backdoors into AI models. The harms described include violations of political and social security, misinformation dissemination, economic disruption, and risks to public health and safety, all of which have either occurred or are ongoing. The article details a chain of events where AI systems have been compromised, leading to direct and indirect harms to individuals, communities, and national security. Therefore, this qualifies as an AI Incident because the AI system's development and use have directly and indirectly led to significant harms as defined in the framework.

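AI "Poisoning" Methods Are Covert and Easily Exploited by Foreign Forces, Ministry of State Security Discloses - Ministry of State Security WeChat Official Account, 2026-4-21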

2026-04-21
xkb.com.cn
Why's our monitor labelling this an incident or hazard?
The article explicitly describes AI systems being targeted and manipulated through data poisoning and model poisoning techniques, which directly lead to harms including misinformation, political destabilization, consumer deception, and threats to national security and social stability. These harms fall under violations of rights, harm to communities, and harm to societal security. The involvement of AI systems is clear, as the attacks target AI training data and models, causing them to output false or misleading information. The harms are realized and ongoing, not merely potential. Hence, this is an AI Incident rather than a hazard or complementary information.

AI "Poisoning" Methods Are Covert and Easily Exploited by Foreign Forces, Ministry of State Security Discloses

2026-04-21
上海热线
Why's our monitor labelling this an incident or hazard?
The event involves the use and development of AI systems, specifically large AI models, which are being targeted by malicious data poisoning attacks. These attacks directly or indirectly lead to significant harms: misinformation and disinformation campaigns threaten political and social stability (harm to communities and violation of rights), degradation of AI model reliability affects decision-making in critical sectors (harm to health and property), and the manipulation of AI outputs can mislead consumers causing personal and financial harm. The article reports on ongoing and realized harms caused by AI data poisoning, not just potential risks. Therefore, this qualifies as an AI Incident due to the direct and indirect harms caused by the malicious use of AI systems and their outputs.

AI "Poisoning": The Harm Should Not Be Underestimated!

2026-04-21
千龙网
Why's our monitor labelling this an incident or hazard?
The event involves the use and development of AI systems that are deliberately poisoned with malicious data, leading to direct and indirect harms such as misinformation, political destabilization, economic disruption, and threats to public safety and national security. These harms fall under violations of rights, harm to communities, and potential injury or harm to persons. Since the harms are occurring and the AI system's compromised outputs are central to these harms, this qualifies as an AI Incident. The article also discusses governance responses, but the primary focus is on the realized harms caused by AI data poisoning.

AI "Poisoning" Is Easily Exploited by Foreign Forces, Ministry of State Security Discloses

2026-04-21
金羊网
Why's our monitor labelling this an incident or hazard?
The event involves AI systems explicitly, specifically AI large models being poisoned through malicious data injection and model manipulation. The harms described include violations of political security, data security, social stability, and consumer safety, which align with harms to communities, rights, and property. Since these harms are occurring due to the use and misuse of AI systems, this qualifies as an AI Incident. The article also discusses governance responses, but the primary focus is on the realized harms caused by AI data poisoning.

Ministry of State Security: The Harm of AI "Poisoning" Should Not Be Underestimated

2026-04-20
新浪财经
Why's our monitor labelling this an incident or hazard?
The event involves the use and development of AI systems that are deliberately compromised through data and model poisoning, which directly or indirectly leads to significant harms such as misinformation, political and social destabilization, violation of data integrity, and risks to public safety and property. These harms align with the definitions of AI Incidents, as the AI systems' outputs are distorted due to malicious interference, causing real and ongoing harm. The article reports on realized harms and threats already manifesting in society, not just potential future risks. Therefore, this qualifies as an AI Incident rather than a hazard or complementary information.

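Ministry of State Security Discloses: AI "Poisoning" Methods Are Covert; Hostile Anti-China Forces Abroad May Mass-Produce False Information and Political Rumors, Endangering National Security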

2026-04-21
新浪财经
Why's our monitor labelling this an incident or hazard?
The event involves the malicious use and manipulation of AI systems through data and model poisoning, which directly leads to multiple harms: misinformation and political rumors affecting social and political stability (harm to communities and violation of rights), disruption of data integrity affecting government and enterprise decision-making (harm to property and societal functions), and risks to public safety in critical sectors (harm to health and property). The AI systems' outputs are distorted due to poisoned training data and model backdoors, causing these harms. The article reports ongoing and realized harms rather than hypothetical risks, thus qualifying as an AI Incident rather than a hazard or complementary information.

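Ministry of State Security Reveals: AI "Poisoning" Has Formed a Complete Black-and-Gray Industry Chain and Is Highly Susceptible to Exploitation by Foreign Forces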

2026-04-21
k.sina.com.cn
Why's our monitor labelling this an incident or hazard?
The event involves AI systems explicitly, specifically AI large language models and other AI models trained on data that has been maliciously poisoned. The harms described include violations of political and social stability (harm to communities), threats to national data security (harm to property and governance), and direct risks to health and property through misleading AI outputs in critical sectors. The article reports ongoing and realized harms, not just potential risks, and details a sophisticated malicious use of AI systems. Hence, this qualifies as an AI Incident under the OECD framework because the AI system's misuse has directly and indirectly led to significant harms.

Be Alert! Parts of the AI "Poisoning" Chain Are Cross-Border in Nature and Highly Susceptible to Exploitation by Foreign Forces

2026-04-20
news.bjd.com.cn
Why's our monitor labelling this an incident or hazard?
The event involves AI systems explicitly (AI large models trained on data), and the malicious data poisoning directly leads to harms such as misinformation, political and social disruption, threats to national security, and consumer harm. The article details realized harms caused by the AI system's manipulation, including indirect harm through misinformation and direct harm through misleading recommendations in critical sectors like healthcare and finance. The cross-border and industrialized nature of the poisoning chain further underscores the systemic impact. Hence, this is an AI Incident as the AI system's use and manipulation have directly and indirectly caused significant harms as defined in the framework.

AI "Poisoning" Poses Huge Risks! National Security Authorities Issue an Urgent Reminder →

2026-04-21
东方财富网
Why's our monitor labelling this an incident or hazard?
The event explicitly involves AI systems (large AI models) being targeted by data poisoning attacks, which directly lead to multiple harms: consumer harm, market disruption, misinformation affecting political and social stability, and risks to critical sectors like healthcare and finance. The harms are systemic and ongoing, not merely potential. The article also references malicious use by hostile foreign actors, indicating intentional misuse of AI systems. This fits the definition of an AI Incident, as the AI system's use and malfunction (due to poisoned data) have directly and indirectly caused significant harms to individuals, communities, and national security.

What Is "AI Poisoning"? Ministry of State Security: It Disrupts Commercial Order and Endangers National Security

2026-04-21
香港經濟日報 hket.com
Why's our monitor labelling this an incident or hazard?
The article explicitly discusses AI systems being maliciously manipulated through data and model poisoning, which directly leads to harms such as misinformation, disruption of business and social order, threats to national security, and risks to public health and property. The harms are occurring or have occurred as a result of the AI system's compromised outputs. The presence of AI systems is clear, and the harms fall under multiple categories including harm to communities, violation of rights, and harm to property and health. Hence, this is an AI Incident rather than a hazard or complementary information.

Governing AI "Poisoning" Requires the Combined Efforts of Multiple Parties

2026-04-22
中华网科技公司
Why's our monitor labelling this an incident or hazard?
The event involves the malicious use of AI systems through data poisoning attacks that directly or indirectly harm information integrity, commercial order, and national security, which are forms of harm to communities and potentially to critical infrastructure or rights. Although no specific incident of realized harm is detailed, the article emphasizes ongoing and active malicious activities causing harm and the need for governance responses. Therefore, this qualifies as an AI Incident because the AI system's use (via poisoned data) has directly led to harms such as misinformation and security threats.

The AI You Use Every Day May Have Been "Poisoned"! Covert Industry Chain Exposed, With Harm Aimed Directly at National Security

2026-04-21
金羊网
Why's our monitor labelling this an incident or hazard?
The event involves the use and development of AI systems that are being deliberately compromised through data and model poisoning, which directly or indirectly leads to multiple harms: misinformation disrupting communities and political stability (harm to communities and violation of rights), threats to national security (harm to communities and environment), and risks to public health and safety (injury or harm to persons). Although the article does not describe a single discrete incident, it reports ongoing realized harms caused by AI systems compromised via poisoning attacks. Therefore, this qualifies as an AI Incident due to the direct and indirect harms caused by the malicious manipulation of AI systems.

Ministry of State Security Issues Urgent Reminder on AI Poisoning; AI Poisoning May Involve Espionage

2026-04-21
k.sina.com.cn
Why's our monitor labelling this an incident or hazard?
The report explicitly involves AI systems being targeted by malicious data poisoning attacks that degrade AI model accuracy and cause false outputs, which have already led to harms such as misinformation campaigns, political destabilization, consumer deception, and threats to national security. The harms are direct and systemic, involving violation of rights, harm to communities, and potential injury to persons through misleading AI outputs in critical sectors like healthcare and finance. The AI system's malfunction or misuse (via poisoned data) is central to these harms, meeting the criteria for an AI Incident rather than a hazard or complementary information.

Sina AI Hot Topics Hourly Report | 2026-04-22 05:00 _ Today's Real-Time AI Hot Topics Bulletin

2026-04-21
k.sina.com.cn
Why's our monitor labelling this an incident or hazard?
The event explicitly involves AI systems (AI large models) and malicious interference with their training data (data poisoning). This manipulation directly harms the AI system's performance and leads to broader harms such as disruption of commercial order, misinformation risks, and threats to national security. These harms fall under the definitions of harm to communities and breach of obligations under applicable law. The article describes realized harms, not just potential risks, making this an AI Incident rather than a hazard or complementary information.

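International Cooperation Is Essential and Ordinary Users Can Contribute Too: Governing AI "Poisoning" Requires the Combined Efforts of Multiple Parties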

2026-04-21
k.sina.com.cn
Why's our monitor labelling this an incident or hazard?
The event involves the use and development of AI systems (large language models and AI-enhanced search) that are being deliberately targeted by malicious actors injecting harmful data ('data poisoning'). This has directly led to harms including misinformation dissemination, disruption of information ecosystems, and threats to national security, which fall under harm to communities and violation of obligations to protect fundamental rights. The article describes realized harms and ongoing risks, making this an AI Incident rather than a mere hazard or complementary information. The detailed description of harms and the direct link to AI system manipulation justifies classification as an AI Incident.

Governing AI "Poisoning" Requires the Combined Efforts of Multiple Parties

2026-04-22
新浪财经
Why's our monitor labelling this an incident or hazard?
The article explicitly describes AI systems (large language models and AI platforms) being maliciously manipulated through data poisoning, which directly harms information accuracy, commercial fairness, and national security. The harms are ongoing and systemic, including misinformation and potential espionage, which fall under harm to communities and violations of legal and security obligations. The involvement of AI systems in their development, use, and malfunction (due to poisoning) is central to the event. The article also discusses responses and governance but the primary focus is on the realized and ongoing harms caused by AI data poisoning. Hence, the event is best classified as an AI Incident.

[AI] Ministry of State Security Warns That AI "Poisoning" Disrupts Commercial Order and Endangers National Security

2026-04-21
ET Net
Why's our monitor labelling this an incident or hazard?
The article explicitly discusses AI systems being maliciously manipulated through data poisoning, resulting in false information dissemination, misleading recommendations causing consumer harm, and threats to national security and social stability. These outcomes constitute violations of rights, harm to communities, and potential injury to persons and property. Since these harms are occurring or have occurred due to AI system misuse, this qualifies as an AI Incident rather than a hazard or complementary information. The article's focus is on the harms caused by AI misuse, not just potential risks or responses.