David Solomon, the chief executive of Goldman Sachs, has declared himself "hyper-aware" of the advanced capabilities and potential cybersecurity threats posed by Anthropic's latest artificial intelligence model, Mythos. This statement follows urgent discussions among top US bankers and regulators in Washington, highlighting growing concerns over AI's role in financial system vulnerabilities.
Banking Giant on High Alert
Speaking to analysts during a recent earnings call, Solomon emphasized that Goldman Sachs is closely monitoring the rapid progress in large language models (LLMs) and their implications for cybersecurity. "We have the model. We're working closely with Anthropic and all of our security vendors to harness frontier capabilities wherever it's possible," Solomon stated, underscoring the bank's proactive stance. He added that enhancing cyber and infrastructure resilience remains a critical focus, with accelerated investments in these areas.
Anthropic's Stark Warning
Anthropic, the developer behind the Claude AI tools, issued a dire warning last week about its new Mythos model. In a blogpost, the company asserted that AI models have achieved a level of coding proficiency enabling them to outpace all but the most skilled human experts in identifying and exploiting software vulnerabilities. "The fallout – for economies, public safety, and national security – could be severe," Anthropic cautioned, pointing to unprecedented risks due to Mythos's ability to uncover flaws in IT systems.
Regulatory Response Intensifies
The urgency of the situation was underscored when US Treasury Secretary Scott Bessent summoned Solomon and other major American bankers to Washington last week. The meeting concentrated on systemically important banks, where regulators fear that operational disruptions or collapses could jeopardize financial stability. Concurrently, the UK government's AI Security Institute (AISI) labeled Mythos a "step up" in cyber threat potential, capable of executing multi-step attacks and discovering IT weaknesses autonomously.
Testing and Future Implications
AISI revealed that Mythos successfully completed a complex 32-step cyber-attack simulation in three out of ten attempts, a task that typically requires human professionals days to accomplish. While the institute noted that Mythos appears able to autonomously target weakly defended IT systems, it could not definitively assess its capability against well-defended ones due to test limitations. "Investment now in cyber defence is vital," AISI warned, noting that future AI models will likely surpass Mythos's abilities.
Upcoming UK Discussions
In the coming weeks, UK regulators plan to address the risks associated with Mythos with British bank executives and government officials. The Cross Market Operational Resilience Group (CMorg), comprising chief executives and representatives from the Treasury, Bank of England, Financial Conduct Authority, and National Cyber Security Centre, is scheduled to meet within the next fortnight. The Bank of England, managing CMorg communications, has declined to comment on the matter.
This development highlights a broader industry shift toward prioritizing AI-driven cybersecurity measures as financial institutions grapple with evolving technological threats. Solomon's remarks and the coordinated regulatory actions reflect a heightened awareness of the need for robust defenses in an increasingly digital banking landscape.
