An AI model deemed too dangerous for the public is raising concerns in the financial sector
A new model of artificial intelligence, capable of identifying and exploiting computer vulnerabilities at an unprecedented level, is causing concern among governments and the financial industry, writes The Telegraph.
Model Claude Mythos strikes fear into the financial system/PHOTO:Shutterstock
Developed by the company Anthropic, the Claude Mythos model was not released to the public after its creators concluded that it might be too dangerous.
Information about its existence came to light earlier this month after Fortune journalists discovered unsecured internal documents online, including a draft official announcement. The company attributed the incident to human error.
Capabilities that exceed today's standards
According to the developers, Mythos has advanced hacking skills comparable to those of human cybersecurity experts.
The model reportedly identified thousands of zero-day vulnerabilities in some of the most widely used computer systems. These previously unknown vulnerabilities can be exploited for cyber attacks or data theft.
Anthropic claims that the system can combine multiple software weaknesses, mimicking the way hackers operate, which can amplify the impact of a potential attack.
What is Claude Mythos
Mythos is part of the Claude family of AI models, developed by Anthropic as an alternative to systems such as ChatGPT (OpenAI) and Gemini (Google).
The model was unveiled earlier this month as part of internal tests on AI's ability to perform tasks deemed “out of alignment” with human values and behaviors. According to the researchers, it proved “remarkably effective in computer security tasks”.
Because of the risk of identifying and exploiting old vulnerabilities in the software, the company did not release the public model.
Instead, Mythos was made available to major tech companies such as Amazon Web Services, Microsoft, Nvidia and CrowdStrike as part of the “Project Glasswing” initiative, described as an effort to strengthen the security of critical software globally.
On Thursday, April 16, Anthropic announced an updated version of the Claude Opus model, noting that it will allow the Mythos' cybernetic capabilities to be tested on less powerful systems.
Questions about the magnitude of the risks
Although concerns about the Mythos are more intense than with previous models, some cybersecurity experts say the true level of risk remains unclear in the absence of extensive independent assessments.
The UK Institute for AI Security has had access to a preliminary version of the model and has published the only independent analysis available to date.
The researchers concluded that the model can identify vulnerabilities in low-security environments, but is not significantly more advanced than its predecessor, Claude Opus 4.
“Our tests show that Mythos Preview can exploit low-security systems, and it's likely that such capabilities will become more common in future models“, noted the authors of the report.
New AI cameras installed in a UK county instantly detect if you're not wearing your seatbelt or using your phone
At the same time, analysts point out that this is not the first time that AI developers have chosen to limit or delay the release of models for security reasons — a practice sometimes criticized as a marketing strategy.
A similar precedent occurred in 2019, when OpenAI delayed the full publication of the GPT-2 model, citing potential risks.
High level reactions
The emergence of the model has generated high-level reactions, including in the United States and Britain, where authorities and financial institutions are analyzing the risks.
Officials such as Scott Bessent and Jerome Powell have called meetings with banking leaders to discuss the implications.
In parallel, about 40 companies, including tech giants and financial institutions, have been given limited access to the model through a program called Project Glasswing, to identify and fix potential vulnerabilities.
Fears of misuse
Experts warn that if such technologies fall into the hands of malicious actors, the consequences could be dire.
“These designs could become powerful cyber weapons,” said David Krueger, a former government adviser. He warned that the attacks could affect critical infrastructure or defense systems.
However, not all specialists are convinced that the risks are fully demonstrated. Some believe that further testing is needed to assess the true capabilities of the model.
Between risk and exaggeration
A report by the UK's AI Security Institute shows that Mythos represents an advance over previous models, but it's not clear to what extent it can outperform well-protected systems.
Ukraine accelerates the technological race: more than 200 companies develop drones with artificial intelligence
According to the assessment, the model is capable of attacking vulnerable systems, but its effectiveness against well-secured infrastructures remains uncertain.
Control and security concerns
Anthropic acknowledged that some early versions of the model had unexpected behaviors. In an internal test, one variant was able to break out of a controlled environment and access the Internet without authorization.
Such incidents have fueled fears about control over advanced AI systems.
“It's the kind of technology that could theoretically get out of hand,” Krueger said.
For now, the model remains restricted and access is limited to select organizations.
Cyber security experts say the most effective measure for companies is to strengthen existing systems.
“We have a warning that a major threat could be coming, but we're not at that point yet“said Rafe Pilling, a security specialist.
In the longer term, however, there is a consensus that such technologies will become increasingly accessible—including to hostile actors—which will fundamentally transform the way cyber risks are managed.
