This is Atlantic Intelligence, a newsletter in which our writers help you wrap your mind around artificial intelligence and a new machine age. Did someone forward you this newsletter? Sign up here.
|
|
Last fall, when I first reported on generative-AI tools’ alarming ability to hack into all manner of digital systems, cybersecurity experts gave me a stern warning: Hacking bots are here, are only getting better, and can upend the internet as we know it. That apocalypse is now closer than anyone thought. Earlier this week, Anthropic made a brazen announcement: The company had been testing, in private, a new AI model that had identified thousands of major cybersecurity vulnerabilities across the web, many of them in widely used operating systems and browsers. Some of the exploits had gone undetected for decades. So far, the bot, known as Claude Mythos Preview, has not been released to the public—but as I wrote yesterday, it “appears to represent not an incremental change but the beginning of a paradigm shift” in AI-assisted hacking. Yet cybersecurity concerns are not even the most important implication of Claude Mythos. By creating this technology, Anthropic is amassing an incredible amount of influence, typically reserved for world superpowers; this company, and perhaps it alone, is the gatekeeper to a bot that can launch hacking campaigns of unprecedented sophistication, a capability that could take down crucial infrastructure and shift the global economy. Anthropic, I wrote, “may have just scaled its way into becoming a major geopolitical force.” |
|
| | (Illustration by Matteo Giuseppe Pani / The Atlantic) | | | |
|
|
| For the past several weeks, Anthropic says it secretly possessed a tool potentially capable of commandeering most computer servers in the world. This is a bot that, if unleashed, might be able to hack into banks, exfiltrate state secrets, and fry crucial infrastructure. Already, according to the company, this AI model has identified thousands of major cybersecurity vulnerabilities—including exploits in every single major operating system and browser. This level of cyberattack is typically available only to elite, state-sponsored hacking cells in a very small number of countries including China, Russia, and the United States. Now it’s in the hands of a private company. On Tuesday, the company officially announced the existence of the model, known as Claude Mythos Preview. For now, the bot will be available only to a consortium of many of the world’s biggest tech companies—including Apple, Microsoft, Google, and Nvidia. These partners can use Mythos Preview to scan and secure bugs and exploits in their software. Other than that, Anthropic will not immediately release Mythos Preview to the public, having determined that doing so without more robust safeguards would be too dangerous. For years, cybersecurity experts have been warning about the chaos that highly capable hacking bots could usher in. As a result of how capable AI models have become at coding, they have also become extremely good at finding vulnerabilities in all manner of software. Even before Mythos Preview, AI companies such as Anthropic, OpenAI, and Google all reported instances of their AI models being used in sophisticated cyberattacks by both criminal and state-backed groups. As Giovanni Vigna, who directs a federal research institute dedicated to AI-orchestrated cyberthreats, told me last fall: You can have a million hackers at your fingertips “with the push of a button.” |
|
|
|
|
Later today, the four astronauts who just flew around the moon will splash down off the coast of California. In an article earlier this week, my colleague Ross Andersen meditated on the most moving image from the Artemis II mission. — Matteo
Sign up for Work in Progress, a newsletter where Rogé Karma investigates the mysteries of a complicated economy. For full access to our journalism, subscribe to The Atlantic. |
|
Most Popular on The Atlantic | |
|
|
|
