Anthropic‘s Claude Mythos 5 and Fable 5 AI models have been suspended by the US Department of Commerce because they are deemed dangerous if accessed by foreign adversaries. These applications are apparently very capable of identifying and exploiting vulnerabilities in software, web browsers, and vital infrastructure. As the US well knows, multiple nations, including China and North Korea, are pursuing a quiet cyber war against the country, and the government does not want bad actors to obtain these powerful models.
CONCRYT partner and co-CEO Azimkhon Askarov says the action by the federal government should raise “alarm bells” for major financial systems around the world. Askarov says that when an AI system can identify and exploit systems within core financial infrastructure, this goes far beyond a single institution or individual.
“We’re ultimately talking about the resilience of the banking system, the exposure of core operating systems and payment networks to bad actors, and the erosion of trust in the financial systems that underpin the global economy,” says Askarov. “The good news is that the same technology capable of exposing weaknesses can help us to find and fix them. But that only happens if we stop focusing solely on what AI can do and spend more time asking what it should do, who is responsible for its deployment, and how risks are managed when things don’t go to plan.”
Askarov notes that regulation will play a role, but it will not keep pace with the speed at which AI is developing. This means businesses and individuals cannot wait for policymakers to make decisions to address the risky situation. He believes that the organizations that build and deploy these models must be responsible for what they release into the wild.
“Done right, AI has the potential to make financial systems smarter, more efficient, and more secure. But ambition alone won’t get us there. If we want to achieve that potential safely, accountability has to be part of the foundation from the very beginning.”
Beyond China and North Korea, Iran and Russia are nation-state actors that threaten the US with their cyber attacks. China is considered the biggest threat because it is the most active in its persistent campaigns against the US. This not only includes espionage and search and control operations, but also ransomware and outright theft.
The US is taking a multi-faceted approach to hostile cyber attacks including hardening of platforms and disruptive operations as well as sanctions and international partnerships. Law enforcement plays a role but this can be difficult when bad actors are shielded by home countries.