Last week, the US AI company Anthropic postponed the launch of its AI model Mythos for security reasons. Mythos was designed to detect cyber vulnerabilities more quickly and link them to complete exploits and attack chains. The Belgian Centre for Cybersecurity is monitoring this development closely and is calling on companies and organisations to take action.
At present, there are no public technical details available to verify Anthropic’s claim, but it does demonstrate that AI is evolving to a level where models can independently identify and analyse vulnerabilities. AI makes it possible to find, analyse and potentially exploit vulnerabilities more quickly.
Although the Centre for Cybersecurity Belgium (CCB) has not yet been able to test Mythos itself, it takes the claim seriously and is monitoring developments closely. The emergence of such models heralds a structural shift. Organisations and businesses should not view this as a passing technological trend, but as a development that fundamentally changes the pace of cyberattacks and cyberdefence.
The risks of a successful cyberattack are increasing
The risks are not merely technical. If AI models can identify vulnerabilities independently or semi-autonomously, this lowers the threshold for attackers and increases the speed at which zero-days are converted into active attacks. This significantly increases the pressure on patching, secure development and vulnerability management. Furthermore, the asymmetry between attacker and defender threatens to grow. Large technology companies and highly mature organisations can use AI to audit code and apply patches more quickly. For smaller organisations, local authorities, healthcare institutions and SMEs, this is much more difficult.
CCB advice to businesses and organisations
For businesses, the message is clear: waiting is not an option. Organisations must take into account attacks that can occur faster, are more heavily automated and take place on a larger scale. Basic security therefore remains essential, supplemented by additional measures where necessary.
- Strengthen basic security
- Enable automatic updates wherever possible
- Apply patches and updates immediately
- Provide 24/7 monitoring and response, for example via Managed Detection and Response
- Consider whether migration to a capable cloud provider is appropriate for environments that you cannot be certain you can secure adequately
- Migrate to strong multi-factor authentication with a high level of security