Canadian bank executives and regulators met Friday to discuss the risks posed by Claude Mythos Preview, Anthropic’s new AI model, which the company says is so powerful, they’re choosing not to release it to the public.
While the Canadian Financial Sector Resiliency Group (CFRG) meets regularly, a spokesperson with the ministry of finance says this meeting was “hastened” by the release of Mythos. This comes on the heels of a similar meeting called by U.S. Treasury Secretary Scott Bessent that included the chief executives of the largest U.S. banks.
Members of the CFRG include the Bank of Canada, Department of Finance, the Canadian Deposit Insurance Corporation (CDIC) and Canada’s six major banks.
In announcing its new model, Anthropic warned Claude Mythos can quickly find vulnerabilities in virtually every major operating system and web browser using relatively simple prompts, putting major institutions like banks, hospitals and energy infrastructure at risk of cyberattacks.
“This is the kind of thing that should keep us up at night,” tech expert Carmi Levy told CTV News. “We knew this day would come, that AI would get so good that it would be able to break into even the most hardened cyber defences. And that’s kind of what we’re at with Anthropic’s Claude Mythos model.”
In making its decision not to release Claude Mythos to the public, Anthropic said “given the rate of AI progress it will not be long before such capabilities proliferate, potentially beyond actors who are committed to deploying them safely. The fallout — for economies, public safety, and national security — could be severe.”
“It’s like using ChatGPT to be a hacker,” said Levy. “It means that our existing defences are no longer sufficient to protect ourselves against these newly emerging threats.”
While Anthropic is not releasing Claude Mythos to the public, it is giving it to a select group of tech companies including Amazon, Google, Apple, Microsoft, Nvidia and Cisco as part of Project Glasswing, an initiative aimed at identifying critical software vulnerabilities and shoring up cyber defences.
While some online have called Mythos “AI doomsday,” others caution Anthropic’s announcement could be a savvy marketing strategy in the race for AI dominance. It could also be both.
“Many people would be right in saying that this is a little bit of hype, a little bit of press release, a little bit of publicity stunt,” said Claudiu Popa, a cybersecurity expert. “But we certainly need to acknowledge the capability of that tool and we need to start preparing for such a time when there will be lots of AIs scouring the internet, looking for vulnerabilities.”
Popa says one of the most worrisome elements of Claude Mythos is that it does not require a sophisticated level of understanding of cybersecurity making it potentially harmful in the hands of bad actors.
“That’s why this acts as not a reason to practice fear mongering, but to raise the level of awareness and concern amongst organizations,” said Popa.
Experts estimate it will be a matter of months before Mythos or a comparable AI model will be available to the public, calling this a “call to action” for organizations and governments to beef up cybersecurity.
“Make sure that there are as few vulnerabilities as possible,” he said. “Ultimately, if it takes forever for one of these tools to discover a vulnerability … then it will move on and find some easier targets.”
