The U.S. cyber defense agency CISA is using Anthropic’s AI model Mythos to audit government software, three people familiar with the matter said on Monday. This is another sign of the government’s enthusiasm for adopting the AI startup’s tools, even as the company continues to be at odds with the White House.
The Cybersecurity and Infrastructure Security Agency uses Mythos to scan government code repositories for bugs that could lead to infiltration by foreign spies and cybercriminals, sources said.
Anthropic did not respond to questions about the initiative. A CISA representative said last month that he would see if he had anything to share on the matter, but did not respond to further emails.
One of the sources said the scan is being conducted by CISA’s Attack Surface Assessment Team. This team is a group within CISA that conducts digital security assessments and hacking exercises across the government.
Two of the sources said the audit had already uncovered a number of vulnerabilities, but declined to provide further details. Reuters could not establish exactly how much government code the team examined, or the nature or severity of the bugs it discovered.
Anthropic’s Rocky U.S. Government Connections
Anthropic secretly filed for an initial public offering in the U.S., but relations with the U.S. government were rocky. Relations reached a nadir in February when the San Francisco-based company refused to lift safeguards that prevented its AI from being used for autonomous weapons or domestic surveillance. This prompted the Pentagon to impose a formal supply chain risk designation that had previously been applied to foreign companies suspected of facilitating espionage.
The unusual blacklisting was blocked by a judge in March, and the dispute was defused by the private release of Anthropic’s Mythos, an AI model said to be highly capable of discovering and exploiting cybersecurity vulnerabilities.
The National Security Agency, the US government’s powerful eavesdropping agency, has been using Mythos since April despite being blacklisted, Axios reported. Late last month, the New York Times reported that NSA analysts tested Mythos in a classified setting and were impressed with its capabilities. But when Anthropic released a public version of Mythos called Fable that included what it called cybersecurity safeguards, the White House suddenly demanded that foreigners be barred from operating Mythos. This led to a global shutdown of the model, which was finally lifted last week.
The NSA and the White House did not respond to requests for comment.
(Except for the headline, this story has not been edited by NDTV staff and is published from a syndicated feed.)
