The U.S. Is Increasingly Relying On Anthropic, Now Using It For a Key Cybersecurity Task
Unsplash
The U.S. government’s cybersecurity agency is using Anthropic’s advanced artificial intelligence model Mythos to identify vulnerabilities in government software, underscoring Washington’s growing reliance on AI-powered cyber defense tools as digital threats from state-backed hackers and cybercriminals continue to intensify.
The Cybersecurity and Infrastructure Security Agency (CISA) has been using Mythos to scan government code repositories for software flaws that could be exploited by foreign intelligence services or cybercriminals, reported Reuters, citing three people familiar with the matter. The report said the work is being carried out by CISA’s Attack Surface Evaluation team, which conducts security assessments and hacking exercises across federal agencies.
The news agency cited two of the sources who said the audits have already uncovered a large number of software vulnerabilities. They did not provide details about the severity of the flaws or identify the affected government systems and it was not clear how much government code had been reviewed.
The reported deployment comes as US agencies continue strengthening cyber defenses following years of increasingly sophisticated attacks linked to nation-state actors, ransomware groups, and supply-chain compromises. Federal agencies have expanded efforts to secure government software and critical infrastructure as cyber operations have become a significant component of geopolitical competition.
The use of Mythos also reflects a notable shift in Anthropic’s relationship with the federal government. Tensions escalated earlier this year after the San Francisco-based AI company declined to remove safeguards that prevented its technology from being used for autonomous weapons or domestic surveillance. That disagreement prompted the Pentagon to designate Anthropic as a supply-chain risk in February, a move that was later blocked by a federal judge in March.
Government interest in Mythos nevertheless continued. Axios reported in April that the National Security Agency (NSA) had been using Mythos despite the Pentagon’s dispute with Anthropic. Citing sources familiar with the matter, the outlet said the intelligence agency was among a limited group of organizations granted access to the model, which was designed to identify and exploit cybersecurity vulnerabilities. The report added that other organizations with access were primarily using the model to scan their own systems for security weaknesses.
The model later became the focus of another dispute involving export restrictions. The Trump administration lifted restrictions on Anthropic’s Mythos and Fable models in late June after earlier limiting access to US organizations and trusted partners. The policy reversal followed weeks of changing government directives over who could use the company’s most advanced AI systems, while broader debates continued over balancing cybersecurity, national security, and international access to frontier AI technology.
Anthropic publicly released a version of Mythos known as Fable with additional cybersecurity safeguards. The White House subsequently required the company to restrict foreign access to the model, leading to a temporary global suspension before the restrictions were eased last week.