by Malcolm Murray
Enrico Fermi famously asked – allegedly out loud over lunch in the cafeteria – “Where is everybody?”, as he realized the disconnect between the large number of habitable planets in the universe and the number of alien civilizations we actually had observed.
Today, we could in a similar vein ask ourselves, “Where is all the AI-enabled cybercrime?” We have now had three years of AI models scoring better than the average humans on coding tasks, and four years of AI models that can draft more convincing emails than humans. We have had years of “number go up”-style charts, like figure 1 below, that show an incessant growth in AI capabilities that would seem relevant to cybercriminals. Last year, I ran a Delphi study with cyber experts in which they forecast large increases in cybercrime by now. So we could have expected to be seeing cybercrime run rampage by now, meaningfully damaging the economy and societal structures. Everybody should already be needing to use three-factor authentication.

But we are not. The average password is still 123456. The reality looks more like figure 2. Cyberattacks and losses are increasing, but there is no AI-enabled exponential hump.

So we should ask ourselves why this is. This is both interesting in its own right, as cyberattacks hold the potential of crippling our digital society, as well as for a source of clues to how advanced AI will impact the economy and society. The latter seems much needed at the moment, as there is significant fumbling in the dark. Just in the past month, two subsequent Dwarkesh podcasts featured two quite different future predictions. First, Daniel Kokotajlo and Scott Alexander outlined in AI 2027 a scenario in which AGI arrives in 2027 with accompanying robot factories and world takeover. Then, we had Ege Erdil and Tamay Besiroglu describing their vision, in which we will not have AGI for another 30 years at least. It is striking how, while using the same components and factors determining AI progress, just by putting different amounts of weight on different factors, different forecasters can reach very different conclusions. It is like as if two chefs making pesto, both with basil, olive oil, garlic, pine nuts, cheese, but varying the weighting of different ingredients, both end up with “pesto,” but one of them is a thick herb paste and the other a puddle of green oil.
Below, I examine the potential explanations one by one and how plausible it is that they hold some explanatory power. Finally, I will turn to if these explanations could also be relevant to the impact of advanced AI as a whole. Read more »