AI-boosted hacks with Anthropic’s Mythos could have dire consequences for banks - Hawaii Tribune-Herald

By AJ VICENS and RAPHAEL SATTER Reuters Share this story Anthropic’s Mythos, a new AI model the company and cybersecurity experts warn could supercharge complex cyberattacks, poses significant challenges to the banking industry with its legacy technology systems, experts said in the days following the model’s announcement. The model, announced April 7, is the company’s “most capable yet for coding and agentic tasks,” the company said in a blog post, referring to the model’s ability to act autonomously. ADVERTISING Its capabilities to code at a high level have given it a potentially unprecedented ability to identify cybersecurity vulnerabilities and devise ways to exploit them, experts said. That’s a particular problem for banks and other financial institutions, which run technology stacks that integrate state-of-the-art tools with decades-old software, potentially opening a large number of vulnerabilities, according to TJ Marlin, the chief executive of enterprise AI security firm Guardrail Technologies. Marlin said Mythos Preview can “look across a very complex architecture, including this legacy infrastructure where, frankly, these undiscovered vulnerabilities and complexities are now accessible and threat factors.” The banking industry is also closely connected, with many companies operating the same narrow set of software to onboard customers, perform know-your-customer checks, and handle transactions. “Because it’s a very specialized industry and heavily regulated, there’s a lot of IT interconnections,” said Naresh Raheja, a San Francisco-based consultant who previously worked at the Office of the Comptroller of the Currency. “Many banks use the same vendors and the same solutions.” Marlin said that could act as a force multiplier for breaches, making any AI-powered exploits “potentially catastrophic at scale.” Government officials in at least three countries — the U.S., Canada and Britain — have met with top banking officials to discuss the threats posed by Claude Mythos Preview. The U.S. Treasury said that Donald Trump’s administration was pushing financial institutions “to understand and anticipate a wide range of market developments” and that further meetings around the issue were planned. Anthropic declined to comment beyond its April 7 announcement. Anthropic has said Claude Mythos Preview will not be made generally available. Instead, the company announced Project Glasswing, in which it invited major tech companies, cybersecurity vendors and JPMorgan Chase, along with several dozen other organizations, to privately evaluate the model and prepare defenses accordingly.