
Anthropic is marketing its new bug-hunting AI model, Mythos, as too powerful for public release. But after a few Discord users simply used a contractor’s credentials and some basic internet sleuthing to get in, cybersecurity professionals are ringing the alarm bells.
The “small group of unauthorized users” was said to have accessed the advanced Mythos AI model the same day Anthropic began rolling out a preview of the model to a limited group of approved companies for testing in late February.
According to Bloomberg, the unnamed Discord users got into Mythos through the access one of them had as a worker at a third-party contractor for Anthropic, and by deploying methods used by cybersecurity researchers.
True, the aforementioned group of users hasn’t run any cybersecurity prompts on the model and said they just wanted to play around with the technology, which Anthropic heavily markets as the game-changer in the industry, rather than cause trouble.
Contractor’s credentials were enough
Nonetheless, news of the potential breach will further alarm authorities who have already raised concerns about Mythos’s potential to wreak havoc – and cybersecurity professionals agree. Actually, they warn that the incident is a sign of things to come.
Shane Fry, chief technology officer at RunSafe Security, points out that someone was able to access Anthropic’s Mythos model by – reportedly – just changing the model name.
“Even if their intent is just to explore, it shows how easily these systems can be exposed. The reality is these AI capabilities are already out there, ‘hacked’ or not, and they’re going to accelerate how quickly vulnerabilities are found and exploited,” said Fry.
“Software teams will need to look at how to harden their code so those vulnerabilities can’t be used in the first place.”
Another cyber pro entirely unsurprised by this particular incident is Nagomi CEO Emanuel Salmona, who says that how seriously Anthropic talks about security and how it actually performs are two different things.
“Anthropic did everything right on paper. A contractor’s credentials were enough to get in anyway,” said Salmona.
“If the most safety-conscious AI lab in the world can’t close that distance between policy and execution, every organization running on AI infrastructure should be asking themselves honestly whether they can.”
False sense of control and security
Indeed, the UK’s AI Security Institute already warned last week that if bad actors were to get their hands on Mythos, the model would most likely be able to carry out attacks on IT systems many times faster than any human professionals.
Tim Mackey, head of software supply chain risk strategy at Black Duck, points his finger at Anthropic’s marketing strategy.
To Mackey, it looks like Anthropic’s marketing message for Mythos was effectively a challenge not dissimilar to a capture-the-flag exercise, where success includes claims of unauthorized access to Mythos.
“The unfortunate reality is that while it’s great to hear that novel cybersecurity models are being provided to select researchers to evaluate, if your team is on the outside looking in, waiting for the final report might not be top of mind,” said Mackey.
“For defenders, even the specter of unauthorized access to an adversarial model as powerful as Mythos is purported to be only increases anxiety levels.”
Raluca Saceanu, CEO of cybersecurity company Smarttech247, thinks that Anthropic has chosen a pretty confusing course of action in the hopes that outsiders will see the company as behaving responsibly.
“Limiting access to a small number of organizations may have created a sense of control, but in reality, it also created a false sense of security. Once a capability like this exists outside the lab, even in a restricted preview, the risk profile changes immediately,” said Saceanu.
“These AI systems are incredibly powerful. The potential isn’t just for traditional hacking – it’s about how these tools can be accessed and used in ways that weren’t intended.”
According to Saceanu, in this particular case, the intent of those Discord users indeed wasn’t criminal, but it shows that simply by existing, Mythos has the potential to be accessed inappropriately by bad actors.
“Our advice to organizations is to closely monitor developments, strengthen internal controls, and assume attackers will continue evolving how they exploit these models,” she said.