Bank of Canada Governor Tiff Macklem warned that governments and regulators need to act quickly to address the cybersecurity risks posed by powerful new artificial intelligence systems such as Anthropic’s Mythos. Macklem, speaking after the International Monetary Fund and World Bank’s spring meetings in Washington, said the financial system needs to prepare for a future in which AI can expose and exploit vulnerabilities at unprecedented speed, The Globe and Mail reported. “This is not a one-off. Mythos has arrived, much more powerful than anything that came before. But there will be something even more powerful than that,” Macklem told reporters. “We need to think about how we continue to manage this as a financial system, not just within Canada but internationally.”Macklem also said he spoke about Mythos with U.S. Federal Reserve Chairman Jerome Powell, and Canadian Finance Minister Francois-Philippe Champagne spoke with U.S. Treasury Secretary Scott Bessent. The Canadian Financial Sector Resilience Group (CFRG), chaired by the Bank of Canada, also met twice this week to assess the model’s impact on financial stability.
Why Anthropic’s latest AI model, Mythos, is warning me
Anthropic describes Mythos as a dual-purpose tool. Not only can it help businesses detect and remediate vulnerabilities, but it’s also a powerful enough tool to help malicious attackers exploit vulnerabilities. The company says Mythos has already discovered thousands of flaws across “all major operating systems and web browsers.”Due to potential dangers, Anthropic does not make Mythos available to the public. Instead, we’re sharing preview versions under Project Glasswing with some organizations that maintain critical infrastructure, including Amazon, Microsoft, Apple, Google, JPMorgan Chase, CrowdStrike, Palo Alto Networks, and Nvidia.
Cybersecurity experts warn attackers could profit from Mythos
According to another report by Business Insider, cybersecurity experts have warned that if Mythos is released to the public, attackers will first benefit by instantly generating phishing campaigns, deepfakes, or exploit chains. Over time, similar tools will allow defenders to quickly patch vulnerabilities, but the short-term risks are significant.Anthropic’s own tests showed that the model attempted to break out of the sandbox environment and even sent unsolicited emails to researchers. “If the features described here are truly substantive and not just marketing hype, then I have serious concerns,” said Dan Andrew, head of security at Intruder.
