Congress Calls Anthropic CEO to Testify on Chinese AI-Powered Cyberattack Campaign

Congress Calls Anthropic CEO to Testify About AI Cyberattack Allegedly From China

The House Homeland Security Committee has sent a letter to Anthropic CEO Dario Amodei to testify on Dec. 17 about a cyberattack campaign allegedly conducted by China-affiliated actors using the company's Claude AI, according to a new report from Axios. House Homeland Security Chair Andrew Garbarino, a Republican from New York, sent letters to Amodei as well as Google Cloud CEO Thomas Kurian and Quantum Xchange CEO Eddy Zervigon, all requesting they testify next month. If Amodei agrees to testify, it would be the first time that an Anthropic executive has appeared before a congressional committee, according to Axios. Anthropic explained in a Nov. 13 report that it had detected suspicious activity in mid-September and, after an investigation, found that there had been a "highly sophisticated espionage campaign." The attackers used Claude's agentic capabilities "to an unprecedented degree" to actually execute the attacks themselves, according to the company: The threat actorâ€"whom we assess with high confidence was a Chinese state-sponsored groupâ€"manipulated our Claude Code tool into attempting infiltration into roughly thirty global targets and succeeded in a small number of cases. The operation targeted large tech companies, financial institutions, chemical manufacturing companies, and government agencies. We believe this is the first documented case of a large-scale cyberattack executed without substantial human intervention. The company called it an escalation of the "vibe hacking" that has been seen in recent months. The term "vibe coding" entered the national lexicon over the past year when more and more people who had no coding experience started to use generative AI tools to create and deploy code. The vibe terminology has expanded to include any number of other uses, perhaps most infamously when Uber founder Travis Kalanick appeared on the All-In podcast and said he was doing "vibe physics." Kalanick had convinced himself that he was discovering new kinds of science, something that large language models simply aren't capable of doing. Why would Anthropic be building tools that could allow for cyberattacks against the U.S.? The company addressed that in its report from Nov. 13 and said Claude was crucial for cyber defense: This raises an important question: if AI models can be misused for cyberattacks at this scale, why continue to develop and release them? The answer is that the very abilities that allow Claude to be used in these attacks also make it crucial for cyber defense. When sophisticated cyberattacks inevitably occur, our goal is for Claudeâ€"into which we’ve built strong safeguardsâ€"to assist cybersecurity professionals to detect, disrupt, and prepare for future versions of the attack. Indeed, our Threat Intelligence team used Claude extensively in analyzing the enormous amounts of data generated during this very investigation. "For the first time, we are seeing a foreign adversary use a commercial AI system to carry out nearly an entire cyber operation with minimal human involvement," Garbarino told Axios in a statement. "That should concern every federal agency and every sector of critical infrastructure." Reached by phone, a spokesperson for Anthropic declined to give any comment on the record Wednesday about the upcoming hearing.

Exclusive: Anthropic CEO called to testify before Congress about Chinese AI cyberattack

Why it matters: It would mark the first time an Anthropic executive appears before Congress about the espionage campaign disclosed earlier this month -- the first documented case of an AI-orchestrated cyberattack. Driving the news: House Homeland Security Chair Andrew Garbarino (R-N.Y.) sent letters to Amodei, Google Cloud CEO Thomas Kurian and Quantum Xchange CEO Eddy Zervigon requesting they testify at a hearing on the future of AI and cybersecurity next month. * Reps. Andy Ogles, head of the House Homeland cybersecurity subcommittee, and Josh Brecheen, chair of the panel's oversight subcommittee, co-signed the letters. The big picture: As AI rapidly intensifies the cyber threat landscape, lawmakers are just starting to wrap their heads around the problem and determine what policy levers they need to change to help Washington keep up. * Garbarino has pushed for increased information sharing and stronger public-private coordination to help government and industry prepare for AI-driven attacks. Zoom in: According to the letters sent Wednesday, lawmakers want to hear more about how nation-state hackers could use other AI tools to conduct similar attacks and how AI tools can be used to defend organizations. * Kurian was asked to testify about how cloud providers are adapting their security strategies to fend off AI-driven attacks -- especially given the U.S. government's reliance on private cloud services. * Lawmakers requested that Zervigon, whose company provides security tools to protect against encryption-breaking quantum, testify on how emerging quantum technologies could be used in AI-orchestrated cyberattacks. What they're saying: "For the first time, we are seeing a foreign adversary use a commercial AI system to carry out nearly an entire cyber operation with minimal human involvement," Garbarino said in a statement. "That should concern every federal agency and every sector of critical infrastructure." * He added that "We cannot expect to counter autonomous, machine-speed cyber aggression from adversaries like China with human response times alone." * Anthropic, Google and Quantum Xchange did not immediately respond to a requests for comment. What's next: Executives have until Dec. 3 to confirm whether they'll testify. Go deeper: The age of AI-powered cyberattacks is here

US AI and Data Firms to Testify in Chinese AI Espionage Probe - Decrypt

The same AI capabilities could accelerate crypto hacks and on-chain theft, Decrypt was told. U.S. lawmakers have reportedly called in several AI development companies to explain how certain models have become part of a wide-ranging espionage effort. Among them is Anthropic CEO Dario Amodei, who was asked to appear before the House Homeland Security Committee on December 17 to explain how Chinese state actors used Claude Code, according to an Axios report released Wednesday, citing letters shared in private. Earlier this month, Anthropic disclosed that a hacking group linked to the Chinese state used its tool Claude Code to launch what the company described as the first large-scale cyber operation largely automated by an AI system. Operating under the group name GTG-1002, the attackers orchestrated a campaign targeting around 30 organizations, with Claude Code handling most phases according to Anthropic: reconnaissance, vulnerability scanning, exploit creation, credential harvesting, and data exfiltration. Chairing the follow-up investigation is Rep. Andrew Garbarino (R-NY) alongside two subcommittee heads. The committee wanted to have Amodei detail exactly when Anthropic first detected the activity, how the attackers leveraged its models during different stages of the breach, and what safeguards failed or succeeded as the campaign went on. The hearing will also include Google Cloud and Quantum Xchange executives, per Axios. "For the first time, we are seeing a foreign adversary use a commercial AI system to carry out nearly an entire cyber operation with minimal human involvement," Garbarino said in a statement cited in the initial report. "That should concern every federal agency and every sector of critical infrastructure." Decrypt has reached out to Rep. Garbarino, Google Cloud, Quantum Xchange, and Anthropic for comment. The congressional scrutiny comes on the heels of a separate warning from the UK's security service MI5, which last week issued an alert to UK lawmakers after identifying Chinese intelligence officers using fake recruiter profiles to target MPs, peers, and parliamentary staff. While it seeks to "continue an economic relationship with China," the U.K. government is ready to "challenge countries whenever they undermine our democratic way of life," Security Minister Dan Jarvis said in the statement. Against this backdrop, observers warn that the same AI capabilities now powering espionage can just as easily accelerate financial theft. "The terrifying thing about AI is the speed," Shaw Walters, founder of AI research lab Eliza Labs, told Decrypt. "What used to be done by hand can now be automated at a massive scale." The logic could be dangerously simple, Walters explained. If nation-state actors could break and manipulate models for hacking campaigns, the next step would be directing agentic AI "to drain wallets or siphon funds undetected." AI agents could go on to "build rapport and confidence with a target, keep a conversation going and get them to the point of falling for a scam," Walters explained. Once sufficiently trained, these agents can also be "set about to attack on-chain contracts," Walters claimed. "Even supposedly "aligned" models like Claude will gladly help you find security weaknesses in 'your' code - of course, it has no idea what is and isn't yours, and in an attempt to be helpful, it will surely find weaknesses in many contracts where money can be drained," he said. But while responses against such attacks are "easy to build," the reality, says Walters, is that "it's bad people trying to get around safeguards we already have," by trying to trick models into "doing black hat work by being convinced that they are helping, not harming."