Treasury, Fed met bank CEOs on Anthropic cyber risks

Treasury Secretary Scott Bessent and Federal Reserve Chair Jerome Powell called bank chief executives to Washington this week to discuss cyber risks tied to Anthropic’s new Mythos model. (msn.com) The closed-door meeting took place Tuesday at the Treasury Department, according to Reuters and Bloomberg. Executives from Citigroup, Bank of America, Wells Fargo, Morgan Stanley and Goldman Sachs attended, while JPMorgan Chase chief executive Jamie Dimon did not. (usnews.com; bloomberg.com) The officials told banks to assess what Mythos and similar systems could mean for attacks on their networks and to strengthen defenses, Reuters reported. The Federal Reserve declined to comment, and Treasury did not respond to requests from several outlets. (usnews.com; cnbc.com) Mythos is an artificial intelligence model built for code and security work. Anthropic said in its system card that testing showed the model could identify and exploit previously unknown flaws in every major operating system and every major web browser. (anthropic.com; red.anthropic.com) Anthropic did not release Mythos to the public. Instead, it placed the model in a restricted program called Project Glasswing, with up to $100 million in usage credits, $4 million in donations to open-source security groups, and access for more than 40 organizations that build or maintain critical software. (anthropic.com; anthropic.com) The launch partners include Amazon Web Services, Apple, CrowdStrike, Google, Microsoft, Nvidia and JPMorgan Chase. Anthropic said those groups would use Mythos for defensive security work and share lessons with the wider industry. (anthropic.com; cnbc.com) Banks drew special attention because the firms summoned to Treasury are considered systemically important, meaning regulators treat their stability as critical to the financial system. Bloomberg reported that officials wanted to make sure those institutions were preparing for a new class of cyberattack. (bloomberg.com) Anthropic said it briefed United States officials before the release on Mythos’s “offensive and defensive cyber capabilities.” An Anthropic official told CNBC the company had ongoing discussions with the Cybersecurity and Infrastructure Security Agency and the Center for AI Standards and Innovation. (cnbc.com) Some researchers and executives say the risk is not limited to one model. Anthropic wrote in February that large language models were already showing “meaningful improvements” in finding zero-day vulnerabilities, and TechCrunch reported debate over whether Mythos reflects a broader shift toward enterprise-only access to top-end systems. (red.anthropic.com; techcrunch.com) The meeting put financial regulators, big banks and an artificial intelligence company in the same room over a threat Anthropic says it is still trying to contain. For now, Mythos remains limited to vetted partners rather than the open market. (anthropic.com; msn.com)