AI Hackathon: UK Gov finds & fixes critical cyber flaws
Summary
The Government Cyber Coordination Centre, with partners, has tested frontier AI models in government cyber defense. This initiative used hackathons to identify and fix unknown vulnerabilities in public code. Over one month, teams from nine government organizations used AI to scan code. They found 407 issues, including critical weaknesses like authentication bypass. All critical problems have now been fixed. One discovery involved a flaw in legacy GitHub Actions. This could have allowed external users to trigger workflows and extract sensitive data. The AI token usage for this project cost £13,000. Key lessons included the need for structured AI architecture and human oversight. The GC3 plans to expand this pilot to more departments and include additional AI models. This project aims to boost cyber resilience across the UK public sector.
This is an AI-generated audio summary. Always check the original source for complete reporting.