The European Central Bank will meet with banks to address cybersecurity risks from advanced AI models that can identify and exploit software vulnerabilities faster than human teams. The meeting follows concerns tied to Anthropic’s Claude Mythos Preview, which has reportedly found thousands of zero-day flaws across major operating systems and browsers. ECB Executive Board member Frank Elderson says existing cybersecurity work must be accelerated due to AI progress, emphasizing faster patching. The ECB plans to warn lenders about threats posed by Mythos and similar systems and to request that US banks with access share findings with European peers. Access to Mythos is limited to a small number of organizations, with no European banks included, creating an information gap. Testing indicates high exploit success rates and potential replication by adversaries within months.
"The European Central Bank is calling banks in for a meeting on Tuesday to address the cybersecurity risks created by a new generation of AI models that can find and exploit software vulnerabilities faster than any human team. The meeting follows months of growing anxiety across European finance about Anthropic's Claude Mythos Preview, the frontier AI model that has identified thousands of zero-day flaws across major operating systems and browsers."
"ECB Executive Board member Frank Elderson told the Financial Times that banks need to accelerate work that has been under way for years. "There is a whole range of issues on cyber security that we have been engaging on with the banks for years which are all still valid, but given the progress in AI, they need to be dealt with faster," he said."
"The central bank plans to warn lenders about the specific threats posed by Mythos and similar AI systems. It will also ask US banks that have access to the technology, through Anthropic's controlled distribution programme called Project Glasswing, to share what they have learned with European peers who remain locked out."
"Only about 40 to 50 organisations have been granted access to Mythos so far, including Amazon, Microsoft, Google, Nvidia, CrowdStrike, Palo Alto Networks, and JPMorgan Chase. No European bank is on the list. In controlled testing, the model produced working exploits on its first attempt more than 83 per cent of the time, often outperforming human cybersecurity specialists."
#cybersecurity #ai-enabled-vulnerability-exploitation #patch-management #financial-services-regulation #zero-day-vulnerabilities
Read at TNW | Artificial-Intelligence
Unable to calculate read time
Collection
[
|
...
]