U.S. bank chiefs warned on Anthropic Mythos

Top United States bank chiefs were called to the Treasury Department on April 7 after Scott Bessent and Jerome Powell warned that Anthropic’s new Mythos model could sharpen cyber risks for lenders. (finance.yahoo.com) Reuters reported the closed-door meeting was held in Washington and included the chief executives of Bank of America, Citigroup, Goldman Sachs, Morgan Stanley and Wells Fargo. JPMorgan Chase chief executive Jamie Dimon was invited but did not attend. (finance.yahoo.com) (cnbc.com) Anthropic released Claude Mythos Preview on April 7 but kept it out of general public use. The company said the model’s jump in capability led it to limit access to a defensive cybersecurity program with selected partners. (anthropic.com) A large language model is software trained to predict and generate text and code; in cybersecurity, that means it can read programs like a mechanic reading an engine and spot weak parts fast. Anthropic said Mythos can find and exploit software flaws at a level beyond all but the most skilled human specialists. (anthropic.com) Anthropic said Mythos has already found thousands of high-severity vulnerabilities, including flaws in every major operating system and web browser. Reuters reported the company told officials the model could identify and exploit previously unknown weaknesses, which is why the launch was restricted. (anthropic.com) (finance.yahoo.com) Banks were an obvious audience because their systems move money, store sensitive customer data and connect to payment networks that are frequent hacking targets. One source told Reuters the April 7 meeting was meant to make sure banks understood the risks from Mythos and similar models and were taking steps to defend their systems. (finance.yahoo.com) The bank chiefs were already in Washington for a Financial Services Forum board meeting when the special session was added, CNBC reported. The Treasury meeting signaled that artificial intelligence security had moved from a technology issue into a top-level financial stability concern for regulators. (cnbc.com) Anthropic is pitching Mythos as both a threat and a tool. Its Project Glasswing group includes Amazon Web Services, Apple, Broadcom, Cisco, CrowdStrike, Google, JPMorganChase, the Linux Foundation, Microsoft, Nvidia and Palo Alto Networks, and Anthropic said it is committing up to $100 million in usage credits and $4 million in donations to open-source security groups. (anthropic.com) The company also said it had briefed United States officials before the launch and was in ongoing talks with agencies including the Cybersecurity and Infrastructure Security Agency and the Center for AI Standards and Innovation. A Treasury spokesman told CBS News that more coordination meetings are planned across regulators and institutions. (cnbc.com) (cbsnews.com) Anthropic’s stance is that holding Mythos back buys time to use the model for defense before similar systems spread more widely. The government’s message to banks was simpler: prepare now, because the tools that can find the next software break-in are already here. (anthropic.com) (cbsnews.com)