Anthropic Myth: AI Wrongly Accused of Hacking the NSA

⚡

Key Takeaways

1A viral rumor claimed that Anthropic's Mythos AI had hacked the NSA, but it was actually an authorized exercise.

2Senator Mark Warner cited a security test where Mythos accessed classified systems, leading to a misunderstanding.

3Washington has suspended exports of Mythos and Fable, fearing for national security despite the absence of any actual hacking.

💡Why it matters — This confusion highlights the challenges of communicating about AI capabilities and their security implications.

The Rumor That Ignited Social Media

A simple phrase was enough to ignite social media and fuel a persistent rumor: Anthropic's AI Mythos allegedly hacked the NSA. This claim, widely circulated on platforms like X and Reddit, suggested that an artificial intelligence had managed to outsmart the security systems of one of the most powerful intelligence agencies in the world. However, this version of events is far from the truth. In fact, it was a quote taken out of context, transforming a cybersecurity exercise into an alleged hack of the NSA. The operation was, in reality, fully authorized.

The Context of a Misinterpretation

The origin of this confusion dates back to an article published on June 14 by The Economist. In this article, U.S. Senator Mark Warner, vice chairman of the Senate Intelligence Committee, reported the words of General Joshua Rudd, head of the NSA and U.S. Cyber Command. According to Rudd, Anthropic's Mythos model had penetrated "almost all classified systems" of the agency, and this was done "not in weeks, but in hours." This statement, taken out of context, quickly circulated online, leading many to believe that Mythos had infiltrated the NSA's systems like a hacker. In reality, it was a test as part of the Glasswing project, a confidential program aimed at using AI models to identify vulnerabilities in critical software before they could be exploited by actual attackers.

A Misunderstood Cybersecurity Exercise

As part of this project, the NSA voluntarily exposed Mythos to a controlled copy of its computing environment. Therefore, it was neither a real hack nor an external intrusion. The exercise aimed to test the AI's ability to detect security flaws in a secure and controlled environment, not to demonstrate any hacking capability.

The Consequences of a Baseless Rumor

The Associated Press provided a crucial clarification: according to an anonymous U.S. official, Mythos did indeed identify certain vulnerabilities within hours. However, detecting a weakness does not necessarily mean being able to exploit it immediately. This distinction, although fundamental, was lost in the spread of the rumor. Even Shashank Joshi, the journalist from The Economist who originated the viral quote, clarified his remarks. He explained that his article described a very specific red team exercise, where the model operated alongside other tools under carefully prepared conditions.

The Repercussions for Anthropic

Although the rumor is false, the incident has had very real consequences. The performance of Mythos raised concerns, prompting Washington to order the suspension of exports of Anthropic's Mythos and Fable models. This decision was made to protect national security, despite the absence of any actual hacking. This situation highlights the challenges associated with communicating the capabilities of artificial intelligences and their potential implications for security.