Why the world’s banks are so worried about Anthropic’s latest AI model - The Conversation

Detailed Analysis

Anthropic's latest AI model, Mythos, has triggered an unprecedented wave of alarm across the global banking sector due to its advanced cyber capabilities, which experts warn could fundamentally alter the threat landscape for financial institutions. The model's ability to detect hidden software vulnerabilities, map internal banking processes, and identify exploitable weaknesses in legacy infrastructure at speeds far exceeding human capability has placed it in a category of concern distinct from prior AI releases. Anthropic has responded by restricting public access to Mythos entirely, classifying it as too powerful for general release and instead distributing access to a defensive coalition of roughly a dozen partners — including Microsoft, Amazon Web Services, Apple, Cisco, and the Linux Foundation — alongside more than 40 vetted organizations. The company has committed $100 million in usage credits and $4 million in open-source grants specifically to support vulnerability identification and patching efforts. A Bloomberg report alleging unauthorized access to the model prompted an internal Anthropic investigation, though no malicious intent was confirmed.

The institutional response to Mythos has been swift and high-level. On April 10, 2026, senior US officials including Treasury Secretary Scott Bessent and Federal Reserve Chair Jerome Powell convened an urgent meeting with major Wall Street banks to assess coordinated attack scenarios targeting not only banking systems but also power grids and water networks. In parallel, India's Finance Ministry gathered bank CEOs to evaluate risks including data breaches and cascading failures across interconnected payment systems, with the National Payments Corporation of India exploring early access for defensive testing. Major institutions including JP Morgan, Goldman Sachs, and Citigroup are now actively stress-testing internal defenses against Mythos-class threats. The absence of reported access for banks in Australia, the United Kingdom, or Europe has deepened anxieties in those regions about asymmetric defensive preparedness.

The concern is particularly acute because global banking infrastructure disproportionately relies on decades-old legacy technology — COBOL-based systems, aging mainframes, and patchwork integrations — that was never designed to withstand AI-accelerated attack methodologies. Mythos's reported capacity to rapidly map these systems and surface exploitable bugs means that the window between vulnerability discovery and exploitation could shrink dramatically, leaving human security teams structurally unable to respond in time. Anthropic's own CEO has publicly acknowledged the risk of AI outpacing both human hacking and human defense capabilities, a framing that underscores the dual-use tension at the core of advanced model deployment.

At the macroeconomic level, global regulators amplified these warnings during the IMF spring meetings, pointing to banks as uniquely attractive targets — in the blunt formulation, institutions attacked "where the money is" — amid heightened geopolitical instability including the ongoing Iran war. The convergence of frontier AI capability with geopolitical stress represents a compounding risk factor that regulators have historically been ill-equipped to address through existing frameworks. The Mythos situation illustrates how advanced AI systems now require governance structures that did not exist when current financial cybersecurity regulations were written.

Mythos represents a meaningful inflection point in the relationship between AI development and critical infrastructure security. Prior AI models raised concerns primarily around fraud, phishing automation, and disinformation; Mythos introduces the possibility of AI-native cyberattacks capable of penetrating hardened financial systems with a speed and precision that fundamentally changes the calculus for defenders. Anthropic's decision to gate the model within a defensive coalition rather than pursuing open or commercial release reflects a calculated attempt to use the model's capabilities asymmetrically in favor of defense — but the strategy's success depends entirely on whether that coalition can outpace actors who may develop or acquire comparable capabilities independently. The episode signals that the era of treating AI safety and cybersecurity as parallel but separate policy domains is effectively over.