Last week Google said a criminal hacking group launched a zero-day cyberattack created by AI. It’s the first known example of a zero-day bug being put to malicious use by hackers enabled chiefly by AI, according to Google and researchers contacted by The New York Times:

“Security experts have feared for years that malicious hackers could eventually rely on A.I. models to identify undisclosed flaws in computer code to launch crippling attacks that are difficult to guard against. That fear was largely theoretical until now.”

In the last article, we talked about the possibility that AI tools will allow attackers to get ahead of defenders. Less skilled hackers will be able to use AI tools to weaponize software bugs.

You vaguely don’t like that but I’m not sure you’re sad enough yet, so I’m going to drive the point home by painting an apocalyptic picture of what this might mean in the real world. You signed the liability waiver before you started reading, right?

That will give you the right perspective to understand why Claude Mythos has caused such a fuss in the security community. Then in the next article I’ll talk about how the same AI tech might help us survive and everything might be okay because jeez, I’m a bit gloomy to be around but I’m not a monster. There are reasons to be hopeful.

What happens if the attackers get ahead of the defenders

Everything runs on software today.

Everything.

Supply chain: Our infrastructure is a web of interdependencies. The modern world is built on just-in-time logic. A minor friction in one node creates a massive ripple effect in others. Availability is as critical as security. Covid killed people but supply chain disruption affected everyone. The retail and manufacturing chain relies on precision timing. A cyberattack on a major shipping port's automated crane system or a global freight carrier’s tracking database can halt the flow of goods.

Supply chains can disintegrate. The blockade of the Strait of Hormuz is causing repercussions in the global economy as fertilizer shortages begin to impact food production; helium shortages interfere with manufacturing of semiconductors and fiber optic cables, perhaps soon forcing hospitals to ration or delay deployment of medical imaging equipment; rising aluminum prices lead to manufacturing slowdowns in the aerospace, automotive manufacturing, and defense industries; and shortages in basic chemicals drive up the cost of synthetic rubber, insulation and basic plastics.

It’s easy to come up with scenarios where weaponized software hacks disrupt the supply chain and grocery shelves start to empty or manufacturing plants shut down because they lack the next part in the supply chain sequence. Remember toilet paper shortages during Covid? Take it one more step and you can imagine pandemonium and severe hoarding, leading to Road Warrior-like scenes in grocery stores, which would sell out of goods entirely and lose the ability to restock.

Think I’m exaggerating? I think we teeter on more of a knife edge than most people realize.

A single modest example: a ransomware attack on Colonial Pipeline in 2021 forced a shutdown of the largest fuel pipeline in the US. The summary by CISA, the federal cyber defense agency, recalls “snaking lines of cars at gas stations across the eastern seaboard and panicked Americans filling bags with fuel, fearful of not being able to get to work or get their kids to school. This was the moment when the vulnerability of our highly connected society became a nationwide reality and a kitchen table issue.”

Under Trump, CISA has operated without a director for more than a year, cut a third of its staff, terminated many industry partnerships, and had its budget cut. We are far less prepared for cyberattacks today than we were in 2024 - and the number of attacks is increasing.

Software supply chain: A few companies are widely used for IT management and network security. If attackers can poison the right source, they can collapse the entire downstream ecosystem. Malicious code would be automatically distributed to banks, hospitals, and government agencies simultaneously. That’s not theoretical, it’s already happened more than once, but so far the hackers haven’t shut down the systems they attacked. Maybe next time?

Critical infrastructure: Nation-states have been hacking into each other’s energy grids for years. A blackout, sure, that would be bad. But maybe the attack uses coordinated surges or frequency drops to physically damage transformers, which often have 12-month manufacturing lead times. Regions might be without power for seasons, not days.

If the power goes out, how do we reach the internet? And with no internet, how do we find out anything that we need to know to navigate this threat?

Speaking of poison, perhaps attackers change the digital recipe for water treatment and the water supply has to be shut off for a metropolitan region until months of physical testing confirm that it is safe again.

Healthcare & bioterrorism: An attack in 2024 targeted Change Healthcare, a massive clearinghouse that processes roughly 1 in 3 patient records in the US. Pharmacies couldn't verify insurance, forcing patients to pay thousands of dollars out-of-pocket for life-saving medication or go without. Doctors and hospitals faced a "billing crisis," with many small practices nearly going bankrupt because they couldn't receive payments for services rendered.

Disrupting a giant healthcare company is bad enough, but there are far more dangerous targets. Maybe AI-assisted hackers sabotage biological facilities, disrupting containment of dangerous pathogens. Or they steal genetic blueprints of deadly bugs and there is a worldwide proliferation of apocalyptic pathogens. The New York Times wrote last month about AI bots that told scientists how to make biological weapons.

Financial paralysis: The world’s financial system is wholly digital, of course. Attackers could disrupt or shut down the whole system if they successfully attack switches that process credit card transactions or inter-bank transfers. How long do we remain civilized if we can’t buy food, fuel, or medicine?

Claude Mythos disrupts the balance between attackers and defenders

Claude Mythos is an AI model that is able to find and exploit sophisticated software vulnerabilities effectively and quickly, at a level that had even its developers at Anthropic awestruck. The announcement on April 7 said: “We did not explicitly train Mythos Preview to have these capabilities. Rather, they emerged as a downstream consequence of general improvements in code, reasoning, and autonomy. The same improvements that make the model substantially more effective at patching vulnerabilities also make it substantially more effective at exploiting them.”

Anthropic was so spooked that it decided not to make Mythos generally available yet. It gave it to fifty industry partners as part of a program codenamed “Operation Glasswing,” to give security teams a head start on finding and patching vulnerabilities and developing safeguards and monitoring systems.

There has been criticism of Anthropic’s approach to security-through-obscurity. Some of the code accidentally leaked almost immediately and OpenAI announced its own AI model that is (almost) as effective as Mythos.

But I haven’t seen any feedback suggesting that Anthropic is overstating how effective Mythos is at finding and exploiting software bugs.

Mythos uncovered vulnerabilities in widely used software that had been present for decades. Code that had been examined, tested, and trusted for years turned out to contain exploitable weaknesses that no one had noticed. Software that runs critical systems, that has been patched and updated countless times, still contained hidden cracks. And it took AI, approaching the problem from a different angle, to find them.

Anthropic said: “Non-experts can also leverage Mythos Preview to find and exploit sophisticated vulnerabilities. Engineers at Anthropic with no formal security training have asked Mythos Preview to find remote code execution vulnerabilities overnight, and woken up the following morning to a complete, working exploit.”

We are in a new world. Mythos (and AI models like it) will change the way software is developed and maintained in the future. We’ll talk about that in the next article.
