Anthropic Restricts Access to AI Model Over Cybersecurity Concerns
Anthropic, the San Francisco-based artificial intelligence startup, announced on Tuesday that it is withholding its latest AI model, Claude Mythos, from public release due to fears it could enable widespread hacking. The company revealed that Mythos has proven exceptionally adept at exposing software weaknesses, identifying thousands of vulnerabilities in commonly used applications for which no patches exist.
Defensive Strategy Against Cyber Threats
Mike Krieger of Anthropic Labs explained at a HumanX AI conference in San Francisco that instead of releasing Mythos publicly, the company is collaborating with cybersecurity specialists and open-source engineers. "We have a new model that we're explicitly not releasing to the public," Krieger stated, emphasizing the goal of using Mythos as a defensive weapon to arm experts ahead of potential attacks.
Anthropic highlighted that the vulnerabilities uncovered by Mythos include some dating back 27 years, none of which were previously noticed by their creators. For instance, the AI found a subtle flaw in video software that had been tested over 5 million times without detection.
Glasswing Project and Industry Collaboration
As a precautionary measure, Anthropic has launched the "Glasswing" project, sharing a version of Mythos with key cybersecurity firms and tech giants. Partners include CrowdStrike, Palo Alto Networks, Amazon, Apple, Microsoft, Cisco, Broadcom, and the Linux Foundation. Approximately 40 organizations involved in computer system design and maintenance have joined the initiative.
Anthony Grieco, Cisco's chief security and trust officer, noted in a joint release, "This work is too important and too urgent to do alone. AI capabilities have crossed a threshold that fundamentally changes the urgency required to protect critical infrastructure from cyber threats, and there is no going back."
Risks and Government Discussions
Anthropic warned in a blog post that AI models like Mythos have reached a level where they can surpass most humans in finding and exploiting software vulnerabilities, posing severe risks to economies, public safety, and national security. The company has engaged in discussions with the US government regarding Mythos, despite a White House directive to terminate contracts with the startup, which is currently on hold due to a legal challenge.
Elia Zaitsev, CrowdStrike's chief technology officer, added, "The window between a vulnerability being discovered and being exploited by an adversary has collapsed – what once took months now happens in minutes with AI. Claude Mythos Preview demonstrates what is now possible for defenders at scale, and adversaries will inevitably look to exploit the same capabilities."
Anthropic is providing about $100 million worth of computing resources for the Glasswing project, with partners set to share findings to enhance cybersecurity defenses globally.
