Why Is Anthropic’s Mythos Keeping Regulators On The Edge?
Superadmin
Finance minister (FM) Nirmala Sitharaman today held a meeting with heads of banks amid growing concerns over cybersecurity risks posed by advanced AI systems.
However, the meeting was not a usual affair. It came in the backdrop of the recent limited but controlled release of Anthropic’s Claude Mythos model, which reportedly identified vulnerabilities in several major operating systems.
The meeting was reportedly attended by senior officials from banks, RBI, and the IT ministry (MeitY). As per a report by news agency PTI, the RBI is assessing the extent of risks posed by such vulnerabilities to the Indian financial sector.
Discussions also covered the safeguards and response mechanisms needed to address AI-driven cybersecurity threats. Banks were urged to take pre-emptive measures to strengthen the security of their systems, customer data and financial assets.
The meeting comes days after concerns around Anthropic’s Mythos, a model which can autonomously find thousands of high-severity, zero-day vulnerabilities in major operating systems and web browsers.
The controlled release prompted regulators across the board to assess cybersecurity risks. Not just this, companies across the board are now also examining the risks posed by the new AI model.
As per reports, RBI officials have been holding discussions with their counterparts at the US Federal Reserve and the Bank of England over the past few weeks to assess the risks linked to Mythos and understand what safeguards may be needed.
India’s payment authority, the National Payments Corporation of India (NPCI), is also reportedly trying to secure early access to Mythos along with a small group of banks to identify vulnerabilities and assess potential “day-zero” cyber risks before any wider deployment.
With Anthropic itself describing Mythos as carrying “serious risks” if misused, what is the chatter all about and why is the large language model (LLM) keeping regulators across the globe on the edge?
What Is Claude Mythos?
Mythos is one of Anthropic’s latest AI models developed under its broader Claude family. Introduced earlier this month as “Mythos Preview,” the model is designed for advanced coding and defensive cybersecurity tasks, and is considered the AI giant’s most sophisticated system so far.
Researchers involved in red teaming, the process of testing how AI models handle specific tasks and security threats, described Mythos as highly capable in computer security. They found that it could detect dormant bugs hidden in decades old code, identify serious vulnerabilities across major operating systems and web browsers. It even suggested ways in which these flaws could be exploited.
Anthropic said the model has already discovered “thousands” of high severity vulnerabilities, including flaws in every major operating system and browser. In one case, it reportedly found a critical vulnerability that had remained unnoticed for 27 years.
Given the risks involved, Anthropic decided not to release Mythos publicly. Instead, it gave limited access to 12 major technology companies under Project Glasswing, an initiative focused on protecting critical global software infrastructure.
The companies included Amazon Web Services, Apple, Microsoft, Google, chipmakers NVIDIA and Broadcom, and cybersecurity firm CrowdStrike. Anthropic has also provided access to more than 40 organisations responsible for maintaining critical software systems.
Why Are Regulators Concerned?
According to experts and regulators, Mythos could enable cybercriminals to identify and exploit previously unknown software vulnerabilities much faster than companies can patch them. Its advanced coding and autonomous capabilities could also significantly speed up sophisticated cyberattacks, especially in sectors like banking, where IT systems are highly interconnected and often depend on legacy infrastructure.
Anthropic itself warned that AI models have now reached a stage where they can outperform all but the most skilled human experts in finding and exploiting software flaws. “AI models have reached a level of coding capability where they can surpass all but the most skilled humans at finding and exploiting software vulnerabilities,” the company said in a recent blog post.
The company added that the misuse of such models could create severe consequences for economies, public safety, and national security. Finance ministers and central bankers globally have expressed concern that such tools could threaten the stability of financial systems.
Governments Across The Globe Step In
Governments across the world have already begun direct engagement with major banks over the matter. US treasury secretary Scott Bessent recently met top American bankers to discuss the implications of the AI model on systemically-important banks.
The UK’s AI Security Institute warned earlier this week that Mythos represents a “step up” in cyberthreat compared to previous AI models, while Bank of England governor Andrew Bailey said that regulators were closely studying what the development could mean for cybercrime risks.
Japan’s financial watchdog, Financial Services Agency, is also set to meet the country’s largest banks later this week, while Australia’s central bank said it is closely monitoring developments. The European Union has also confirmed that it is in discussions with Anthropic regarding concerns around Mythos.
The global regulatory response to Mythos marks a turning point in how nations perceive AI’s impact on the financial sector. As these newer AI models evolve from mere productivity tools to potential systemic threats, the dialogue appears to have shifted to caution.
Amid this backdrop, central banks across the globe could push financial institutions to identify vulnerabilities and shore up cybersecurity. As regulators find themselves in an unfamiliar race against a technology that operates at a scale far beyond human speed, a key question remains – what will the future of cybersecurity look like?
The post Why Is Anthropic’s Mythos Keeping Regulators On The Edge? appeared first on Inc42 Media.
