UK and Australia push for Claude Mythos access as AI tool exposes thousands of security flaws

UK in talks with Anthropic over Mythos access for banks and business

Anthropic is in active talks with the UK government over rolling out its powerful Claude Mythos model to British businesses eager for access to technology that has raised alarm for its ability to expose cyber security vulnerabilities. Officials are discussing an expanded rollout of the powerful AI model by the San Francisco-based company to key UK-based organisations, according to people familiar with the matter. Banks and financial institutions are among those seeking to get expedited access to the technology to help strengthen their cyber security, but Anthropic told the FT it would not commit to a timeline on this. In light of the risks posed by the model, Anthropic has been rolling Mythos out gradually, first to a select group of 40 organisations that are almost exclusively American. This includes Amazon and Microsoft as well as large banks such as JPMorgan Chase and Morgan Stanley. One executive at a large UK company said they had been discussing the specific vulnerabilities that Mythos exposed with American companies that have access to the model. They added that groups were in discussions with Microsoft about securing "patches" -- technical fixes that close off vulnerabilities found by Mythos. This has allowed companies to begin bolstering their software before they have access to the technology. JPMorgan Chase chief Jamie Dimon has privately warned about the importance of Mythos for the banking sector and the risks that it raises. He cautioned a UK banking executive that organisations should tread carefully with Anthropic's new tool and advised it should be deployed in co-ordination with the government, according to people familiar with the conversation. Similar warnings have been made by regulators, central bankers and cyber security leaders around the world. On Tuesday, German central bank chief Joachim Nagel called for all institutions to have access to Mythos to ensure a level playing field and avoid misuse. The Bundesbank head said in a speech: "This AI model seems to be a double-edged sword, ⁠since it could be used not only to improve digital security systems, but also to leverage their vulnerabilities for malicious purposes." Anthropic unveiled its latest model earlier this month and touted its ability to detect cyber security flaws faster than humans, a feature that has stoked fears worldwide it will generate "exploits" that bad actors can use to take advantage of them. Earlier this week, Anthropic said it was investigating reports that a group of users gained unauthorised access to Mythos through third parties. The UK is the only known government outside the US to have accessed a preview of the model, via its AI Security Institute, a research body that tests frontier AI systems before release. The institute has said that Mythos represents a step up over previous AI capabilities and is able to exploit vulnerabilities "that would take human professionals days of work". Technology minister Liz Kendall and security minister Dan Jarvis warned in a joint public letter last week that "AI cyber capabilities are accelerating even faster than had been previously envisaged" in light of Mythos and urged businesses to fortify their cyber defences. UK lenders also raised the topic with chancellor Rachel Reeves at a roundtable catch-up on Wednesday. Leading British banks, insurers, exchanges and regulators met this week to discuss the cyber security risks of Mythos and AI models more generally. The cross-market operational resilience group, which is co-chaired by the Bank of England and the UK Finance banking trade association, said the meeting had "reflected on the challenges these models present from a cyber security perspective". It said companies had agreed to use AI "to strengthen cyber defence, for example through ongoing efforts to reduce the attack surface available; improving threat detection and investigation; and further exploration into automating mitigation and response measures". The Department for Science, Innovation and Technology did not immediately respond to requests for comment. Additional reporting by Martin Arnold in London

Australia government working with Anthropic over cybersecurity vulnerabilities

SYDNEY, April 23 (Reuters) - Australia is working with software providers including Anthropic over potential cybersecurity vulnerabilities, a spokesperson for Home Affairs minister Tony Burke said ⁠on Thursday, following the firm's release of its Mythos AI model that has caused concern in several countries. Designed for defensive cybersecurity tasks, Mythos' ⁠vast capabilities have sparked fears about the threat to traditional software security, ⁠after Anthropic said a preview had uncovered "thousands" of ⁠major vulnerabilities in "every major operating system ⁠and web browser". Reporting by Alasdair Pal in Sydney; Editing by Muralikumar Anantharaman Our Standards: The Thomson Reuters Trust Principles., opens new tab

Australia joins countries trialing Claude Mythos 'to ​make sure we are aware of emerging vulnerabilities'

* The Australian government confirmed it is working with Anthropic and other providers to stay informed about emerging cybersecurity vulnerabilities. * Anthropic's Mythos Preview, part of Project Glasswing, is said to be powerful enough to discover and exploit flaws at scale, though it remains unreleased to the public. * Debate continues over whether Mythos represents a genuine breakthrough or a PR stunt, with governments and major software firms already testing its potential impact. The Australian government is "working with" Anthropic and other similar software providers to make sure it is "aware of emerging vulnerabilities". This was the statement given by the spokesperson for Home Affairs minister Tony Burke to the media earlier this week. "Our government takes protection of critical infrastructure extremely seriously which is why we're working with software providers and companies like Anthropic to make sure we are aware of emerging vulnerabilities," Reuters cited the spokesperson. How powerful is Mythos really? We don't know if that means the Australian government is using Anthropic's Mythos Preview tool, or if it is just being kept in the loop on the tool's capabilities. Earlier this month, Anthropic announced a new cybersecurity initiative called Project Glasswing. At its heart is Mythos Preview, the company's latest Generative Artificial Intelligence (GenAI) model, allegedly capable of discovering - and exploiting - more vulnerabilities than any of its predecessors. In fact, Mythos is allegedly so powerful that Anthropic decided not to share it with the public and instead gave it to a handful of major software companies. Since then, the internet has been abuzz. While some praised it as a revolution that would practically end cybercrime, others were wary of what might happen if the tool were to fall into the wrong hands. Some, claimed it was all a PR stunt, and slammed Anthropic for basing its advertising on fear. Apparently, OpenAI did the same with an earlier version of Chat-GPT which, as it later turned out, wasn't as powerful as the company was saying. Still, things might be different with Mythos. The US government is apparently using it, despite the company being designated a supply chain risk, and Mozilla CTO recently called the tool the light at the end of the tunnel. Mythos' public release does not yet have a firm date. Via Reuters Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews, and opinion in your feeds.

Australia working with Anthropic over cybersecurity vulnerabilities

SYDNEY, April 23 (Reuters) - Australia is working with software providers including Anthropic over potential cybersecurity vulnerabilities, a spokesperson for Home Affairs minister Tony Burke said on Thursday, following the firm's limited release of its Mythos AI model that has caused concern in several countries. Designed for defensive cybersecurity tasks, Mythos' vast capabilities have sparked fears about the threat to traditional software security, after Anthropic said a preview had uncovered "thousands" of major vulnerabilities in "every major operating system and web browser". "Our government takes protection of critical infrastructure extremely seriously which is why we're working with software providers and companies like Anthropic to make sure we are aware of emerging vulnerabilities," the spokesperson said. The central banks of Australia and New Zealand said on Wednesday they were monitoring the release of Mythos, and were in contact with major regulators across the globe. Anthropic has launched Claude Mythos Preview under Project Glasswing, a tightly restricted access program that includes major technology firms such as Amazon, Microsoft, Nvidia and Apple. The company has also widened access to more than 40 other organisations involved in building or maintaining critical software infrastructure. A spokesperson for Burke said the project would help equip providers with the right tools to build more secure software and protect infrastructure. Experts said Mythos' advanced coding and autonomous capabilities could sharply increase the pace of sophisticated cyberattacks, particularly in sectors such as banking, where complex, interconnected and often decades-old systems are still widespread. Simon Birmingham, CEO of the Australian Banking Association which represents the majority of the country's major commercial lenders, said in a statement on Thursday banks were engaging with regulators over Mythos to ensure the financial system remains safe. (Reporting by Scott Murdoch and Alasdair Pal in Sydney; Editing by Muralikumar Anantharaman and Kim Coghill)