Welcome back! Anthropic says that its new AI model, Mythos, is so good at carrying out cyberattacks that the company has decided not to release the full version of the model publicly—instead, it’s only sharing the model with top tech companies so they can start building up their defenses.

But in the meantime, existing AI models—which are already publicly available—can autonomously carry out highly sophisticated cyberattacks in minutes, according to new research shared with The Information by Buzz, the Sequoia-backed cybersecurity startup that produced it.

The startup’s researchers built an AI agent by stringing together existing models from Anthropic, OpenAI, and Google and fed it information about known exploited vulnerabilities, or serious cybersecurity flaws that have been made public. Those vulnerabilities are difficult to exploit, and even sophisticated hackers typically take several days to exploit them; but in their tests, the AI agent successfully exploited 103 out of 122 vulnerabilities without any human oversight, and most of them took less than an hour.

The new research shows how, even without access to Anthropic’s new Mythos model, AI can make complicated hacks trivial, putting pressure on companies and governments trying to defend against hacks. Known exploited vulnerabilities are listed publicly by authorities like CISA, the U.S. government’s cybersecurity authority, in the hopes that companies will quickly patch their software, but patching is labor-intensive and can take days or weeks.

“We did this to prove that you can exploit these vulnerabilities in minutes while the world takes multiple days to patch,” said Buzz cofounder Niv Hoffman, who led the research along with cofounder Yair Saban and other employees.
“We’re now in this gap where attackers are by default early adopters of AI, and defenders by default aren’t; they’re risk averse, don’t want to touch production much, and that definitely needs to change.”

For instance, Buzz said their agent was able to exploit React2Shell—one of the most dangerous vulnerabilities that were discovered last year, which hackers have been using to steal company data—in just 22 minutes without any human oversight. The startup is now aiming to build a business defending against these types of attacks.

The researchers’ findings are concerning because they suggest it will soon be impossible for human cybersecurity defenders to patch vulnerabilities after they’ve been publicized and before hackers can exploit them, said Jon Raper, CISO at Chevron.

“This is going to present serious challenges for the industry because finding vulnerabilities isn’t the problem, it’s remediating them in time,” Raper said.

As AI models only get better at carrying out such hacks, companies will likely need to rethink how they defend against vulnerabilities, he added—for instance, companies should assume that hacks could happen at any time and focus on “segmentation” that would prevent a hacker from getting from one compromised application into another, Raper said.

Newer models like Anthropic’s Mythos are likely to keep adding fuel to the fire. Anthropic said it’s helping tech companies use Mythos to find and patch new vulnerabilities before more people have access to the model; but in the meantime, existing models could pose a rising threat.

ServiceNow Is Preparing for the Customer Data Wars

ServiceNow is gearing up to make money from customers using outside AI agents to tap data stored in its applications. The enterprise software company on Thursday announced a new product that will pull a customer’s data from across ServiceNow’s applications into one place and update it in real time.
The goal will be to make it easier for an AI agent to read and process that data, ServiceNow President and Chief Operating Officer Amit Zavery explained.

That service will come at a price, however. Customers will have to pay when they use AI agents built outside of ServiceNow’s apps to access their data via the new tool, called the Context Engine.

Introduction of the new fee-based tool comes as older software firms are debating how to deal with new AI services that tap data stored in software platforms. Other companies, such as Atlassian, have tried to limit how often outside apps can pull data from their services.

Some in the industry have warned of the dangers of that strategy. On Tuesday, for instance, Amazon Web Services CEO Matt Garman warned that “if the incumbents choose to try to put up walls, protect what they have, and not lean in and innovate, they’re in trouble.”

ServiceNow has not determined what price it will charge customers using outside AI agents via the Context Engine. In an interview, Zavery said that customers won’t have to pay extra if they connect their AI agents directly to ServiceNow’s individual apps, rather than the Context Engine, using standard application program interfaces. But tapping data that way is harder for AI agents to handle, Zavery said.

—Laura Bratton