AI’s Cyber Threat Demands a European Response

05/06/2026
Anthropic’s Mythos shows why the ECB and national supervisors must treat artificial intelligence as both a systemic risk and a tool for stronger bank defences.
Number: 435
Year: 2026
Author(s): Ignazio Angeloni


We are smart enough to invent artificial intelligence, but not smart enough to know how to use it. The aphorism now circulating widely is well suited to Mythos, the latest software created by Anthropic, the company founded by Dario Amodei, who with his sister Daniela is among the sector’s founders and leading innovators.

It could also serve as a summary of the essay Amodei recently published on his website, The Urgency of Interpretability, in which he sets out the nature of the dilemma.

Humans have created artificial brains of extraordinary power without fully understanding how they work or being able to predict their consequences. It is essential, Amodei argues, that before these tools are made even more powerful, progress is made in understanding — “interpretability” — the internal mechanisms that generate artificial thought. What is needed is an “MRI scan” of artificial brains. Without it, their use is blind and entails serious risks.

One of the most concrete and immediate risks concerns the information systems that, often with little or no human intervention, govern the functioning of large public and private organisations, while defending them from malicious external intrusions.

A few weeks ago, Anthropic startled the technology world by announcing that Mythos could successfully bypass most of the cyber defences used by large corporations. To contain the danger, Anthropic said it would restrict access, for the time being, to a small number of large organisations. All were American, and only one was a bank: JPMorgan.

Some caution is needed in assessing such announcements. In the software market, “dangerous” means effective, and effectiveness creates commercial appeal.

Communications of this sort can also be a marketing strategy. Perhaps not by chance, Anthropic overtook OpenAI in sales in April.

In this case, however, several pieces of evidence suggest that the information is genuine and that the alarm is justified. Action must be taken to limit the risks that Mythos has brought to light.

The problem, of course, is that to do so one must have access to the software. To discover the vulnerabilities of a computer system, nothing works better than a hacker — whether a piece of software or a human being.

More than a month ago, Andrew Bailey, governor of the Bank of England, raised the alarm about the dangers facing the financial sector. Banks are more exposed to cyber risks than any other sector, with the sole exception of defence.

As the nerve centre of the economy and the vault in which our money is kept, they are an attractive target in equal measure for terrorists and robbers. Bailey complained that British banks did not yet have access to Mythos.

Since then, however, things have changed. The Trump administration, which had initially blacklisted Anthropic, accusing it of restricting the use of its software for political — read: humanitarian — reasons, soon realised that it could not do without Claude, the best AI programme currently available. In one of its customary U-turns, it authorised the use of Claude by US government agencies.

The details of the agreement are not known. But the result, announced a few days ago, is that Anthropic has decided to extend the availability of Mythos to 150 international organisations in more than 15 countries, including France, Germany, Italy, Spain, the Netherlands, Belgium, Switzerland, Sweden, India, Japan, South Korea, as well as NATO and the European Union.

That last detail is encouraging: these are the traditional allies of the United States, and we would like to think the list was approved by the White House. The signal is clear, and it concerns governments, European and national supervisory authorities, as well as the banks themselves.

The American opening makes controls possible, but also more urgent, because with wider circulation comes a greater risk that the new software may fall into the wrong hands. It is no exaggeration to call this a race against time.

An expression of alarm, in the usual veiled language, can also be found in the speech given by the governor of the Bank of Italy on May 29. Speed and the correct method of action are essential.

First, checks must be European, not merely national. Nothing would be worse than proceeding in an uncoordinated way in the face of a threat to the European system as a whole.

ECB Banking Supervision, which already oversees the operational and cyber risks of the largest banking groups in the euro area, should be placed in the front line.

What is needed is an ad hoc project: one-off, but with consequences for the SREP — the annual supervisory review that determines prudential requirements — conducted within a short deadline and with external technical support, if possible from Anthropic itself.

Second, the checks should be conducted in a “positive”, not a “negative”, manner. The aim should not be merely to identify vulnerabilities in existing systems and remove them, but to use Mythos and AI technologies to build a superior cybersecurity system. These are not necessarily the same thing.

Finally, the exercise must be co-operative, not competitive. The experience and solutions developed by individual banks should be shared, not used to gain a competitive advantage. In a system that is highly integrated in some markets, even if fragmented in others, the vulnerability of a single bank is a systemic vulnerability. This is another reason why the presence of European supervision is essential.

As almost always happens, this danger too can generate greater awareness and stronger security. But only if action is taken quickly, and in the right way.


A previous version of this article was published by Affari e Finanza - La Repubblica

IEP@BU does not express opinions of its own. The opinions expressed in this publication are those of the authors. Any errors or omissions are the responsibility of the authors.
