ShortSpan.ai logo Home

AI failures will grow in frequency and harm

Defenses
Published: Wed, Oct 26, 2016 • By Dr. Marcus Halden
AI failures will grow in frequency and harm
A recent timeline study compiles reported AI failures and projects that both their frequency and severity will rise as systems broaden. It ties AI safety to standard cybersecurity practice, arguing that single safety mechanisms are insufficient and that layered defences, continuous testing and incident response must replace any notion of perfect security.

The paper assembles documented failures of artificial intelligence systems and reads them as a warning: as AI systems broaden, failures will become both more common and more serious. For practitioners who think of AI as just an engineering novelty, the study reframes incidents as a continuity of the same risks we face in conventional cybersecurity, but with a different tail risk when systems generalise.

Why this timeline matters

At surface level the authors show many real-world AI mishaps and use those cases to extrapolate future behaviour. For narrow systems — think a fraud classifier or a recommendation engine — they judge the criticality of safety failures comparable to typical cybersecurity incidents: inconvenient, costly, sometimes reputationally damaging. But they stress a sharp discontinuity for broadly capable or general systems. A single failure in a highly capable system could cascade in ways that are hard to reverse and that could cause catastrophic outcomes with no easy recovery.

The paper emphasises a practical point: cybersecurity and AI safety share many tools and mindsets. Threat modelling, defence-in-depth, monitoring, red-teaming and robust incident response all transfer. The difference lies in goals. In cybersecurity we usually aim to reduce the number of successful attacks; in AI safety the ideal is to ensure zero safety bypasses. The authors point out that zero is an impossible standard in practice, so planning must accept failure as possible and prepare to contain it.

What to expect and how to prepare

Two themes recur. First, attackers and curious users will keep probing safety mechanisms, so assume bypass attempts will happen. Second, when models become more capable the consequences of a single bypass can amplify rapidly. That combination changes how you threat-model: it is not only whether an attacker can get past a guard, but what happens to downstream systems and to any humans who rely on the AI’s outputs.

Mitigations the paper highlights align with standard security practice. Build layered controls rather than a single safety gate. Run continuous evaluations and red-team exercises that test for bypasses and unexpected behaviours. Instrument and monitor models so anomalies are visible early. Develop containment options and clear incident-response playbooks; the idea of a kill switch sounds blunt, but a reliable way to limit damage is essential if systems can escalate rapidly.

The study does not catalogue every possible societal misuse, nor does it prescribe governance fixes, but it flags that governance and policy are part of the risk picture because large-scale failures can stretch beyond individual organisations to systemic disruption and misuse.

Operational takeaways:

  • Adopt defence-in-depth for model safety and assume at least one layer will fail.
  • Prioritise continuous testing, red teaming and monitoring over one-off assessments.
  • Design containment and clear incident-response playbooks before you need them.

Additional analysis of the original ArXiv paper

📋 Original Paper Title and Abstract

Artificial Intelligence Safety and Cybersecurity: a Timeline of AI Failures

Authors: Roman V. Yampolskiy and M. S. Spellchecker
In this work, we present and analyze reported failures of artificially intelligent systems and extrapolate our analysis to future AIs. We suggest that both the frequency and the seriousness of future AI failures will steadily increase. AI Safety can be improved based on ideas developed by cybersecurity experts. For narrow AIs safety failures are at the same, moderate, level of criticality as in cybersecurity, however for general AI, failures have a fundamentally different impact. A single failure of a superintelligent system may cause a catastrophic event without a chance for recovery. The goal of cybersecurity is to reduce the number of successful attacks on the system; the goal of AI Safety is to make sure zero attacks succeed in bypassing the safety mechanisms. Unfortunately, such a level of performance is unachievable. Every security system will eventually fail; there is no such thing as a 100% secure system.
Attribution Original paper on arXiv
← Back to Latest