Amid the rapid evolution of artificial intelligence (AI), the U.S. government is escalating its vigilance regarding potential cybersecurity threats. According to media reports on Friday, October 10th Eastern Time, U.S. officials have urged a group of major Wall Street banks to test Anthropic's newly launched AI model, Mythos, to identify potential system vulnerabilities and enhance defensive capabilities. Kevin Hassett, former Chief Economic Advisor to President Trump and Director of the White House National Economic Council, acknowledged in an interview that Anthropic's AI model has instilled a sense of urgency within the administration. On the day this news emerged, investor concerns about AI threats to network infrastructure and their potential to disrupt the business models of cybersecurity companies were reignited. Cybersecurity stocks broadly declined. At the close, Akamai Technologies fell nearly 16.7%, Palo Alto Networks dropped over 6.7%, CrowdStrike declined almost 4%, and Zscaler decreased by approximately 3.4%.
The initiative to test the Mythos model reflects heightened regulatory attention to the cyberattack risks potentially posed by the new generation of AI. Overall, intensive actions from the Treasury Department and the Federal Reserve to senior White House officials indicate that AI is no longer viewed merely as an efficiency tool but is also seen as a potential source of systemic risk. The requirement for Wall Street to conduct hands-on testing signifies that regulators are moving AI security from theoretical discussion to practical validation. It is noteworthy that in recent years, regulators have required banks to set aside capital for "operational risks" such as cyberattacks, but this area has been controversial due to the difficulty of quantification. As AI-driven cyber threats escalate, the importance of such risks is rising significantly and may prompt a further tightening of the regulatory framework.
In a rare joint move, the Treasury Department and the Federal Reserve urgently convened Wall Street executives. Reports indicate that U.S. Treasury Secretary Janet Yellen and Federal Reserve Chair Jerome Powell temporarily convened a meeting in Washington on Tuesday, April 7th, with executives from several major banks, urging them to take seriously the potential cyber threats posed by the Anthropic model. Attending institutions included systemically important financial institutions such as JPMorgan Chase, Goldman Sachs, Citigroup, Bank of America, and Morgan Stanley. Citing informed sources, media reported that these banks have already begun or are about to commence internal testing using the Mythos model to assess the vulnerability of their respective systems. According to these sources, JPMorgan Chase was the only bank specifically named to participate in the Mythos model testing program, while other major financial institutions have also been granted access or are expected to receive it within the coming days. Goldman Sachs, Citigroup, Bank of America, and Morgan Stanley are all slated to conduct tests. It is reported that U.S. regulators did not specify the exact threat posed by the Mythos model but clearly recommended that banks use it to stress-test their own systems to enhance their cyber defense capabilities.
Hassett stated there is "absolutely a sense of urgency" within the government. Also on Friday, during an interview, Hassett was asked about the news of Yellen and Powell's meeting with major Wall Street banks to discuss the risks associated with the Anthropic model and whether the White House felt a "sense of urgency" regarding Anthropic's new AI model. Hassett replied, "Absolutely. There is definitely a sense of urgency." Hassett confirmed that Yellen and Powell discussed the cyber risks associated with the model with the executives of the major banks. He recalled that the bankers from those major institutions were in Washington for meetings that day, and it was appropriate for Yellen to take that action. Hassett emphasized that the administration is "taking all possible measures to ensure all parties are protected from potential risks." Simultaneously, Anthropic has agreed to restrict the public release of the model until regulatory assessments are completed.
The new AI model possesses dual offensive and defensive capabilities; Anthropic advances testing program to bolster AI security. According to disclosures from Anthropic, the Mythos model demonstrated network capabilities encompassing both "offensive and defensive" attributes during testing. For instance, the model can autonomously discover multiple browser vulnerabilities and chain them together to exploit them, thereby gaining access to sensitive data across websites—a capability that is often challenging even for experienced hackers to achieve. This "vulnerability chain" attack path means that even highly secure systems could be breached, with a complexity reminiscent of historically significant cyberattack incidents like the Stuxnet attack. Currently, Anthropic has restricted access to the Mythos model for testing by a select group of companies, including tech giants like Apple and Amazon, as well as some major banks. This testing program, named Glasswing, aims to strengthen the security of critical infrastructure before a wider release of AI models.
Comments