February 2025 Headlines

The Emergence of DeepSeek R1: A New Era in AI

The recent release of DeepSeek R1 has sent ripples across the global technology landscape, sparking intense discussions about its disruptive potential, trustworthiness, and implications for the future of artificial intelligence. Developed by the Chinese AI startup DeepSeek, the R1 model has rapidly positioned itself as a formidable contender in the AI arena, challenging established models and showcasing China's growing AI development capabilities (Pietschmann, 2025). R1 leverages the "mixture of experts", which is unlike traditional models that activate their full computational power for every task, R1 intelligently allocates only the necessary resources for each specific task. This innovative approach delivers remarkable benefits, including cost efficiency, performance optimization, and scalability. However, one of the primary concerns for any system or new application is the security risks and the potential for data breaches. 

Security Risks with DeepSeek R1 as a Cloud App vs Local Deployment 

R1 can be used as a cloud-based app or installed on your computer with the network. Both options have security and privacy risks. 

Cloud-based applications are often targeted by cybercriminals when vast amounts of data are at stake. A recent cyberattack on the Chinese AI platform DeepSeek has revealed the inherent vulnerabilities (Vakulov, 2025). The attack, believed to be a distributed denial-of-service (DDoS) attack, forced DeepSeek to disable new user registrations temporarily. This incident underscores the risks associated with AI platforms, such as potential data breaches and the misuse of AI capabilities for malicious purposes to compromise sensitive data used for training and inference. 

Moreover, cloud-based AI services are also vulnerable to privacy leakage. Even if the training data is kept encrypted, the deep neural network models trained on such private data are still susceptible to privacy attacks. Cybercriminals could exploit model inversion attacks to reconstruct sensitive information from the model's outputs (KELA, 2025)

Running DeepSeek R1 locally on a computer mitigates some of the risks associated with cloud-based deployment but introduces other challenges (Abbas, 2025). Local deployment can reduce the risk of data breaches from external cyber attacks, it does require robust security measures and effective guardianship to protect the local environment. System administrators and end-users must ensure that their systems are secure from unauthorized access, and other cyber threats. Furthermore, running Deepseek locally may lead to the risk of call-home or command-control (C2) vulnerabilities. 

A segmented approach using network security technologies (like firewalls) or application containers is likely prudent. However, local deployment of Deepseek R1 AI may not benefit from the same level of security updates and patches that cloud providers typically offer. Remember to be aware of the risks when running new software technologies in an environment with sensitive data.

Conclusion

The emergence of DeepSeek R1 marks a significant milestone in the AI landscape, offering unprecedented cost efficiency and performance optimization. However, it is crucial to consider the cybersecurity and privacy risks associated with its use. Considering the Deepseek AI cloud-based app has experienced a cyber attack already, consider a local installation on a secured network segment to start using this groundbreaking AI model.

NOTE: I recommend NetworkChuck YouTube channel and watching "the ONLY way to run Deepseek..." , where he explains the differences between the R1 cloud app and installing R1 locally. Notably, NetworkChuck notes that the R1 software does not attempt internet communication (for call-to-home activity) in the software version he installed. I also recommend watching "DeepSeek is a Game Changer for AI - Computerphile" on YouTube to be informed about the innovation introduced by R1.

UnitedHealth Ransomware Attack: Largest Healthcare Data Breach in U.S. History

In a significant cybersecurity incident, UnitedHealth's Change Healthcare unit suffered a ransomware attack that has been confirmed as the largest healthcare data breach in U.S. history. The attack, which occurred in February 2024, exposed the personal and medical information of approximately 190 million individuals (Whittaker, 2025).

Details of the Breach

The ransomware attack on Change Healthcare led to the unauthorized access and theft of a vast amount of sensitive data. The compromised information includes names, addresses, dates of birth, phone numbers, email addresses, and government ID numbers such as Social Security, driver's license, and passport details. Additionally, health-related information, including diagnoses, medications, test results, imaging records, care and treatment plans, and health insurance details, was also exposed (Whittaker, 2025).

Impact on the Healthcare Sector

The breach caused widespread disruptions across the U.S. healthcare sector, as Change Healthcare took its systems offline to contain the breach. This shutdown affected critical services such as claims processing, payments, and data sharing, which many healthcare providers rely on (aha.org, 2025). The attack has highlighted the vulnerabilities within the healthcare industry and the need for robust cybersecurity measures to protect sensitive patient data.

This incident is part of a growing trend of ransomware attacks targeting the healthcare sector. According to TechCrunch, the ransomware group ALPHV/BlackCat, a Russian-speaking gang, claimed responsibility for the attack (Knuttson, 2025). The group reportedly received a $22 million ransom payment from UnitedHealth to prevent the public release of the stolen data. However, the attackers did not delete the data as promised, leading to further complications.

Industry Response

In response to the breach, UnitedHealth has been notifying affected individuals and working with law enforcement to investigate the incident. The company has also emphasized its commitment to enhancing its cybersecurity measures to prevent future attacks. Additionally, the healthcare industry is being urged to adopt more stringent security protocols and invest in advanced cybersecurity technologies to safeguard patient data (Whittaker, 2025).

Conclusion

The UnitedHealth ransomware attack serves as a reminder of the critical importance of cybersecurity in the healthcare sector. As cyber threats continue to evolve, healthcare organizations must prioritize the protection of sensitive data and implement comprehensive security strategies to mitigate the risks of future breaches.

Source: CBE

UPDATE: PowerSchool Data Breach impact on Albertans

In December 2024, PowerSchool experienced a significant data breach that affected several school boards in Alberta. The breach compromised sensitive student information, including names, addresses, dates of birth, and Alberta student ID numbers (cbc.ca, 2025).

If you are a parent of a student in one of the impacted school boards, you should have received an email detailing the breach and providing additional steps to protect your child's information (cbc.ca, 2025). This includes enrolling in credit monitoring and identity protection services offered by PowerSchool (cbe.ab.ca, 2025).