What is Claude Mythos and what risks does it pose?

Lately a lot of people have been talking about a new AI model called Claude Mythos, made by Anthropic. The company says this AI can sometimes do hacking and cybersecurity tasks better than humans. Because of this, governments, regulators, and banks are getting worried and discussing how it might be risky for online systems. Some big tech companies are being allowed to use Mythos through a program called Project Glasswing. This program is meant to strengthen resilience to Mythos itself. But some people say Anthropic might be exaggerating, because it benefits them to make their AI sound very powerful and unique. So, like always with AI, it’s hard to tell what’s actually true and what’s just hype.

What is Claude Mythos?

Claude Mythos is a new AI model from Anthropic part of its Claude system. It was introduced in early April as “Mythos Preview” and is designed to compete with other tools like ChatGPT and Google Gemini. Researchers called “red teams,” who test how AI handles different tasks, said that Mythos is very good at computer security tasks. They found the tool could spot old hidden bugs in very old code and even take advantage of them easily.

So, instead of giving it to everyone who uses Claude, Anthropic shared it with 12 tech companies through Project Glasswing, which they say is meant to help protect important software. They include cloud computing giant Amazon Web Services, device manufacturers, Apple, Microsoft, and Google, and chip-makers Nvidia and Broadcom. CrowdStrike, the company whose faulty software update caused a big global outage in July 2024, is also part of the project. Anthropic said it has shared Mythos with more than 40 organisations that manage important software.

Why are there concerns?

Anthropic said in tests they found a model that is very good at cybersecurity and hacking, even better than humans. Mythos Preview has already found thousands of serious security problems, including some in major operating systems and web browsers.

On 7th of April Anthropic said "Given the rate of AI progress, it will not be long before such capabilities proliferate, potentially beyond actor who are committed to deploying them safely". It said it could find serious bugs in old systems without much help, including one that had been there for 27 years, and even suggest ways to use them.

Some finance ministers, central bankers, and financial experts have raised concerns, worrying that the model could weaken the security of financial systems. Canadian Finance Minister Francois-Philippe Champagne said Mythos was talked about during an International Monetary Fund (IMF) meeting in Washington, DC. He also added "Certainly it is serious enough to warrant the attention of all the finance ministers," describing the tech as an "unknown unknown".

Bank of England boss Andrew Bailey said " we are having to look very carefully now what this latest AI development could mean for the risk of cyber crime".

What have cyber experts said about it?

Ciaran Martin, who used to lead the UK’s National Cyber Security Centre said, that the idea of Mythos finding serious security flaws much faster than other AI systems has “really shaken people.” He added, "The second thing is that even with existing weaknesses that we know about, but organisations might not have patched against, might not be well defended against, it's just a really good hacker,"

Many independent cybersecurity analysts and experts still haven’t been able to test it themselves and some are still unsure about how well Mythos performs. The UK’s AI Safety Institute recently said that even though the AI model is very powerful, its main risk would be to systems that are weak and not well protected. He also added "We cannot say for sure whether Mythos Preview would be able to attack well-defended systems," its researchers said. So where there is good cybersecurity, this model would, in theory, hopefully be stopped.

Should we be worried about it?

New models and tools are being released all the time, and they often come with big claims that they will change our lives in major ways, both good and bad. In recent years, companies in the AI industry have also started using people’s mix of excitement and fear about AI to promote and market their products.

When it comes to Mythos, we still don’t know enough to say if these hopes or worries are real or just hype from the industry. According to Ciaran Martin, the former head of the UK's National Cyber Security Centre (NSCS), the most important thing right now is to stay calm and focus on getting the basics of cyber security right. Most hackers don’t even need advanced AI tools to break into systems, because simple methods often work well enough.

Ciaran Martin, the former head of the UK's National Cyber Security Centre said, "For some this is an apocalyptic event, for others it seems to be a lot of hype." He also added, whether it was this tool or subsequent ones made by Anthropic or its rivals, alongside the risk there was an opportunity to build a safer online world. Lastly Martin said "In the medium term, there's an opportunity to use these tools to fix a lot of the underlying vulnerabilities in the internet."

For more information on IT Services, Web Applications & Support kindly call or WhatsApp at +91-9733733000 or you can visit https://www.technodg.com