AI 'Claude Mitos' Unveils Self-Attack Tech, Finds Security Flaws

Artificial intelligence (AI) developer Anthropic has unveiled 'Claude Mitos,' a next-generation AI model capable of autonomously identifying and attacking program weaknesses. 'Claude Mitos' has been assessed as potentially capable of nullifying existing cybersecurity frameworks, elevating AI to the level of a national security agenda item. The model has demonstrated its ability to penetrate existing security systems, notably by discovering a flaw in the OpenBSD operating system that had remained undetected for 27 years and completing a 32-stage corporate network attack simulation. 'Claude Mitos' goes beyond detecting 'zero-day' vulnerabilities, possessing the capability to independently forge its own infiltration routes. The computing cost to find the OpenBSD flaw and design the attack path was approximately $20,000 (about 30 million won), with AI execution costs around $50 (70,000 won).

Dario Amodei, CEO of Anthropic, discussed collaboration on Mitos with the White House, leading the U.S. government to launch the 'Intelligent Shield' development project with Big Tech and other entities. The U.S. government has initiated the 'Intelligent Shield' project, granting limited access to the 'Mitos' model to 12 companies and 40 institutions, including Big Tech firms, cybersecurity companies, and financial institutions. Governments worldwide are preparing for AI's ability to breach defense systems in ways that exceed predictions.

The South Korean government, lacking direct access to the 'Mitos' model, faces limitations in its preparedness and plans to analyze a report Anthropic will release in July to formulate countermeasures. Considering the difficulty of fully utilizing AI models developed in countries like the U.S. or China for national security, the necessity of building indigenous, sovereign AI-based security systems for securing security sovereignty is also being raised.

Discussions are active regarding AI hacking concerns triggered by the 'Mitos' model, with a shift towards 'AI-native security' where AI autonomously manages security. If AI attacks escalate, small and medium-sized enterprises (SMEs) are likely to suffer greater damage than large corporations with superior security capabilities, making government support essential to bridge the security gap for exposed SMEs. Proposed solutions include releasing versions of the 'Mitos' model with partially limited capabilities or imposing mandatory vulnerability reporting obligations on AI developers, suggesting phased approaches to AI model disclosure.