TOKYO - An advanced artificial intelligence model developed by U.S.-based AI startup Anthropic is raising alarm worldwide over the growing threat of AI-powered cyberattacks, with experts warning that financial systems and critical infrastructure could become targets if the technology falls into the wrong hands.
The company’s latest AI model, known as Claude Mythos, has demonstrated an exceptional ability to identify software vulnerabilities in a short period of time. While the system was originally designed to help developers write safer code and improve cybersecurity, specialists warn that malicious actors could exploit the same capabilities to launch sophisticated cyberattacks.
The issue has quickly become a topic of concern among governments and financial authorities. In Japan, an emergency meeting involving officials and key stakeholders was held earlier this week to discuss the risks surrounding the AI model, with authorities urging critical infrastructure operators and software vendors to strengthen vigilance.
The matter was also discussed during the recent G7 Finance Ministers and Central Bank Governors Meeting in France, where participating countries emphasized the need for coordinated responses to emerging AI-related threats.
Miho Matsubara, chief cybersecurity strategist at NTT, said the AI represents a major shift in the cyber threat landscape.
“Claude Mythos has two significant implications for cybersecurity,” Matsubara said. “First, it is extremely capable of discovering a large number of vulnerabilities in a very short time.”
She also pointed to findings released by the UK government-backed AI Security Institute, which reportedly concluded that Claude Mythos demonstrated considerably stronger cyberattack capabilities than many existing AI models at the time of testing.
Matsubara stressed that the AI itself was not created for offensive purposes, explaining that its original goal was to improve software security and help developers build safer IT products.
“However, its ability to uncover vulnerabilities is so advanced that if it falls into the hands of attackers, it could be abused for cyberattacks,” she said.
Because of those concerns, Anthropic has so far refrained from publicly releasing the model. Access has reportedly been limited to roughly 50 organizations, including major technology companies such as Google, Apple, and NVIDIA.
In Japan, Mitsubishi UFJ Financial Group, Sumitomo Mitsui Financial Group, and Mizuho Financial Group are expected to secure access to the system as early as this month.
Even with limited access, Matsubara warned that the threat remains serious.
“If attackers gain access to AI models with capabilities equivalent to or greater than Claude Mythos, there is a strong possibility they will be used maliciously, and many experts believe it is only a matter of time,” she said.
According to Matsubara, reports surfaced less than two weeks after the restricted release claiming that several individuals had already gained access to the system, prompting Anthropic to investigate the situation.
The rapid evolution of AI development is also intensifying competition among technology companies. Anthropic CEO Dario Amodei reportedly said rival U.S. AI companies could develop comparable systems within one to three months, while Chinese firms may require six months to a year.
Meanwhile, OpenAI recently released GPT-5.5, and testing by the UK AI Security Institute reportedly found that the model exceeded Claude Mythos in some cyberattack-related experiments.
The Japanese government is now strengthening its cybersecurity response. Measures announced on May 18th include collecting and sharing reports of cybersecurity threats affecting 15 sectors designated as critical infrastructure, as well as taking action when serious vulnerabilities are discovered.
Matsubara praised the government’s approach for focusing on practical measures rather than fear alone.
“One important point is that management must recognize these risks, take leadership, and invest properly in cybersecurity,” she said. “Another is the need to thoroughly implement basic defenses, understand vulnerability information, and improve the ability to quickly detect intrusions.”
She warned that current defensive systems still rely heavily on manual processes, including identifying vulnerabilities, developing software patches, and applying fixes, while attackers increasingly operate at machine speed using AI.
“The gap between attack and defense could widen significantly if defenders continue responding slowly with human-driven processes,” Matsubara said.
Despite the risks, she argued the situation also presents an opportunity for Japan to strengthen both national security and economic competitiveness by investing more aggressively in cybersecurity technologies and talent.
Source: テレ東BIZ
