Anthropic’s Mythos AI Model Uncovers Vulnerabilities in U.S. Government Systems Within Hours
In Focus
- Anthropic partnered with U.S. intelligence agencies to test Claude Mythos
- Mythos did not exploit the vulnerabilities identified in government systems
- The U.S. has restricted access to Claude Mythos and Fable by foreigners
Anthropic’s Claude Mythos AI model identified vulnerabilities in secure, highly sensitive U.S. government computer systems. Government official specific software vulnerabilities were flagged within hours during Mythos testing on U.S. government systems. However, the AI model did not exploit them.
How Did the U.S. Government Test Anthropic AI Models?
A report by the Associated Press showed that Anthropic has partnered with intelligence agencies in the U.S. to test Mythos under the Project Glasswing initiative.
The initiative gives selected companies and government agencies access to Mythos with the goal of identifying and fixing vulnerabilities in critical software before cyber criminals exploit them. A democratic senator had mentioned the Mythos tests on government systems earlier this month during a Senate Committee hearing on Banking, Housing, and Urban Affairs.
“This tool broke into almost all of our classified systems, not in weeks but in hours,” Senator Mark Warner of Virginia noted as cited by the Associated Press.
How Does Anthropic Relate With the U.S. Government?
Despite the Mythos AI security testing, Anthropic’s relationship with the U.S. government has been strained. The government reportedly added Anthropic to a national security blacklist after the company refused to permit the use of its AI models for domestic surveillance and fully autonomous weapons programs.
Earlier this month, the U.S. government restricted the use of Claude Fable 5 and Mythos over national security concerns. But Anthropic argued the move to impose a ban on its AI models was not warranted by the security concerns flagged by the government.
Fable 5 is a limited, Mythos-class AI model that Anthropic introduced at the beginning of this month. Like Claude Mythos, the AI firm has offered limited access to Fable 5 due to cybersecurity fears.
How Does the U.S. Government Assess AI Systems?
Days before the ban, President Trump had established a framework for assessing national security risks posed by advanced AI systems through an executive order. According to the order, AI systems would be vetted for a month prior to public release and participation of AI developers in the process will be voluntary.
Cybersecurity executives have asked the U.S. government to lift the ban claiming that it could benefit AI rivals more than impede them. In a letter to the government, over 100 cybersecurity experts and executives argued that Claude Mythos AI models effectively uncover software flaws and generate exploits. They however noted that other AI systems have similar capabilities.
What Does Government Testing Mean for Anthropic?
The testing of Mythos by the U.S. government highlights Anthropic’s growing importance in national cybersecurity. By identifying vulnerabilities in sensitive systems, the AI model could make Anthropic a valuable partner for securing critical government infrastructure.
The tests also increase confidence in Anthropic’s advanced AI models. While these are positive steps, involvement of the AI company in national security projects could increase regulatory scrutiny as governments seek to balance AI innovation with security concerns.
