Dario Amodei, CEO and co-founder of Anthropic, attends the annual meeting of the World Economic Forum in Davos, Switzerland in January. Regulators and corporations are scrambling to understand just what Mythos means for the security of aging tech infrastructure, writes Andrew Willis.Markus Schreiber/The Associated Press
The latest development in artificial intelligence, the ominously-named Mythos, sounds like the villain in one of Tom Cruise’s Mission Impossible movies.
In the movies, Ethan Hunt – the character played by Mr. Cruise – would race to pull the plug on Mythos before AI developer Anthropic’s latest tool showed bad guys of all descriptions how to hack systems at every business on the planet.
In the real world, regulators and corporations are scrambling to understand just what Mythos means for the security of aging tech infrastructure.
The good news is Canada’s banks and stock exchanges are fully aware of the potential threats posed by the Claude Mythos model, the latest offering from the dominant player in AI.
The bad news is San Francisco-based Anthropic appeared to overlook domestic players when it selected about 50 U.S. companies, including banks and tech platforms, to test drive Mythos in recent weeks.
Anthropic’s AI model sparks rush from industry, government to batten down defence hatches
Anthropic called the campaign Project Glasswing and one of its goals is to help participating companies build their digital defences. Several of these platforms, including JP Morgan Chase and Bank of America, compete directly with domestic banks in the U.S. market.
The business world is sorting itself around leaders who successfully integrate AI into their operations, and understand its risks, and also-rans that fail to realize on the technology’s potential. Many domestic businesses, including banks, are doing the best to ensure they are on the right side of that divide.
Canadian companies, backed by the Bank of Canada and federal regulators, should be pounding the table for the same access to Mythos that Anthropic offered to a handful of customers, including U.S. banks and platforms such as Amazon, Apple and Microsoft.
Access to Mythos is something AI Minister Evan Solomon should push for when he meets with Anthropic officials on Tuesday.
Royal Bank of Canada and Toronto-Dominion Bank are identified as global systemically important banks, with the regulatory burdens that come with that designation. Both lenders, along with CIBC and Bank of Montreal, have significant U.S. operations.
If Anthropic is rolling out AI that potentially poses problems for banks operating in the U.S. market, all these lenders deserve early-stage access to the tool.
Canadian bank execs, regulators meet to discuss risks raised by Anthropic’s new AI model
Mythos represents a watershed moment for AI because if it can do what Anthropic claims, it represents an easy to understand risk to financial systems and critical infrastructure. The model is able to spot vulnerabilities in software used at virtually every company, with astounding speed and precision, according to Anthropic.
Early tests showed Mythos found previously unsuspected flaws in systems that have been around for more than a decade. These are known as “zero day” problems, because if hackers strike, IT departments have no time to respond.
The upside is obvious. If a bank realizes its systems are vulnerable, it can fix them before digital bandits arrive.
The dangers are equally obvious. If criminals get hold of Mythos, they can use the AI model to loot deposits.
If tech teams at dozens of companies already have access to Mythos, how long is it going to take for the AI model to find its way into the wrong hands?
Anthropic knows what is at stake as it markets Mythos. Last week, the company talked about how its work will mean cybersecurity needs to reach “a new equilibrium” between defenders and attackers.
“The advantage will belong to the side that can get the most out of these tools,” Anthropic programmers said in a public posting. “In the short term, this could be attackers, if frontier labs aren’t careful about how they release these models.”
How are Canadian companies and regulators going to gain an advantage, and beat off attackers, if they don’t even have access to tools like Mythos?
For those whose eyes are starting to glaze over at all the media mentions of AI, it’s important to recall that Anthropic accidently leaked descriptions of Mythos last month, and inadvertently publicly posted the source code for its AI personal assistant, Claude Code, at the end of March.
Anthropic also has a co-founder and CEO, Dario Amodei, who a senior member of the U.S. Defense Department called “a liar” with a “God complex” during a dispute over the company’s AI.
Last Friday, everyone who is anyone in domestic finance took part in a meeting on Mythos run by the Canadian Financial Sector Resiliency Group. The folks who run our economy are well aware of the potential problems that come with the latest development in the AI revolution.
As Anthropic itself said, the key to ensuring we have secure digital infrastructure is getting the most of out of AI tools. That means giving credible domestic platforms such as banks, utilities and stock exchanges the same access to Mythos that a select group of U.S. businesses currently enjoy.
There’s no Mr. Cruise character coming to defeat the bad guys with last minute heroics and keep Canadian systems safe from AI gone rogue.