In a striking acknowledgement of the evolving landscape of artificial intelligence, David Solomon, the CEO of Goldman Sachs, has expressed heightened awareness regarding the cybersecurity threats posed by Anthropic’s latest model, Mythos AI. During a recent earnings call, Solomon revealed the bank’s proactive measures in collaboration with the tech firm to bolster their cybersecurity infrastructure, following alarming warnings about Mythos’s capabilities.
A New Era of AI Threats
As AI technology continues to advance at an unprecedented pace, banks and financial institutions are facing increasingly sophisticated risks. Solomon indicated that Goldman Sachs has been keeping a close eye on the advancements in large language models (LLMs) and their potential to compromise cybersecurity. He stated, “We’re hyper-aware of the enhanced capabilities of these new models with the help of the US government and the model publishers.”
The urgency of this issue was underscored by last week’s meeting in Washington, where Solomon, along with other leaders from major American banks, was summoned by US Treasury Secretary Scott Bessent. The discussions centred around the risks linked to the Mythos model, particularly its implications for systemically important financial institutions—those deemed critical to the stability of the economy.
Mythos AI: A Game Changer in Cybersecurity
Anthropic’s Mythos AI has raised alarm bells across the financial sector. The company recently highlighted that this model has reached a level of coding proficiency that outmatches even the most skilled human programmers in identifying and exploiting software vulnerabilities. In a blog post, Anthropic warned, “The fallout – for economies, public safety, and national security – could be severe.”
Solomon confirmed that Goldman Sachs is not only aware of Mythos but is actively utilising the model to enhance its cybersecurity measures. “We have the model. We’re working closely with Anthropic and all of our security vendors to kind of harness frontier capabilities wherever it’s possible,” he explained. This alignment showcases Goldman Sachs’s commitment to reinforcing its cyber resilience, which has become a priority in light of these sophisticated threats.
The Growing Cybersecurity Landscape
The UK’s AI Security Institute (AISI) has also echoed concerns regarding the Mythos model, labelling it a significant step up in cyber threat capabilities. According to AISI, Mythos can conduct multi-step cyber-attacks autonomously, discovering vulnerabilities without the need for human intervention. This level of automation and efficiency is alarming, as tasks that typically take days for human professionals can now be executed in a fraction of the time.
The AISI conducted tests which revealed that Mythos successfully completed a complex 32-step cyber-attack simulation, achieving success in three out of ten attempts. While it demonstrated proficiency against smaller, less-defended systems, the full extent of its capabilities against robustly protected infrastructures remains uncertain.
The Future of Cyber Defence
Looking ahead, UK regulators are preparing to address the implications of Mythos with British bank executives and government representatives in the coming weeks. The Cross Market Operational Resilience Group (CMorg) is scheduled to convene shortly, aiming to strategise on bolstering the resilience of financial institutions against such advanced threats.
The Bank of England has taken a cautious stance, opting not to comment on the situation, but the urgency for enhanced cybersecurity measures is clear. As the threat landscape evolves with advancements in AI, financial institutions must stay one step ahead.
Why it Matters
The implications of Mythos AI extend beyond the financial sector, touching on national security and public safety. As AI models become increasingly adept at executing complex cyber-attacks, the need for robust cyber defence strategies becomes paramount. Institutions like Goldman Sachs are setting a precedent by prioritising collaboration with tech firms to safeguard against these emerging threats. This proactive stance is not just about protecting their assets; it reflects a broader responsibility to maintain the integrity of the financial system in an age where the stakes have never been higher.