Cybersecurity threats have been a serious concern for the US’s infrastructure and critical businesses for a long time, but the conflict in Iran has ratcheted up the attacks.
Now, as pro-Iran hackers target such structures in America, some of the largest US companies are coming together to make sure the world’s most depended-on software is protected – not from nation-state bad actors; but instead from attacks launched by artificial intelligence (AI) tools.
Earlier this year, the World Economic Forum ranked “cyber insecurity” as a top 10 global risk, along with “misinformation and disinformation” and “adverse outcomes of AI.” The latter had the largest rise in ranking over time as a risk.
Hackers and targets
Iran-linked hackers have been targeting water systems, power plants, and other critical infrastructure, and it has led the US government to issue a joint alert about it. The US Environmental Protection Agency (EPA), Federal Bureau of Investigations (FBI), Cybersecurity and Infrastructure Security Agency (CISA) and National Security Agency (NSA) issued the joint advisory last week.
It warns US organizations about “an urgent and ongoing Iranian-affiliated cybersecurity threat,” and specifically mentions the water sector, raising the prospect of “disruption of commonly used operational technology at drinking water and wastewater systems that are diligently working to ensure that Americans can rely on clean and safe water.”
And the advisory mentions other critical infrastructure sectors such as hospitals. (Medical device maker Stryker suffered a cyber hack last month that disrupted its order processing, manufacturing and shipping on a global basis.)
The federal agencies urged operators of such facilities to be on the lookout for the tactics and methods used by Iran-linked hackers, listing those tactics in its advisory.
“Cyber is the ultimate forever war,” said Marcus Fowler, chief executive of Darktrace Federal, a cybersecurity firm that works with the US Defense Department and other organizations.
Acknowledging that a ceasefire agreement had been reached between the US and Iran (although its continuing status remains shaky), Fowler added: “It continues regardless of pauses in kinetic activity or shifts in geopolitical headlines.”
AI risk and securing critical software
Anthropic has an unreleased AI model called Claude Mythos Preview that offers agentic reasoning and has started finding very serious and previously unknown cybersecurity vulnerabilities that could be lethal in the wrong hands. Or in the “hands” of the wrong agentic AI tool.
And it has spearheaded the creation of an initiative uniting several of the most notable and largest firms in a variety of industry sectors: AWS, Apple, Broadcom, Cisco, CrowdStrike, Google, JPMorgan Chase, the Linux Foundation, Microsoft, NVIDIA, Palo Alto Networks and itself in an ambitious enterprise called Project Glasswing.
The enterprises involved have committed to using Mythos Preview as part of their defensive security work, using the model “to scan and secure open-source systems and making financial commitments to open-source security organizations.” This is unprecedented.
Since then, some other Wall Street banks have gained access to the new Mythos model and will be testing it out as well, even if not within the Glasswing initiative. They include Citigroup, Bank of America, and Goldman Sachs Group.
The US government has made its presence known as well, with US Treasury Secretary Scott Bessent and Federal Reserve Chair Jerome Powell telling executives they should take the Mythos model seriously and deploy its capabilities to detect vulnerabilities, according to sources speaking to the media.
And Canadian bank executives and regulators met on Friday to discuss the possible cybersecurity risks posed by Anthropic’s new AI model, as the Globe and Mail reported.
Preventing the SIFI disruption
“The fact is, you don’t see these specific companies cooperating like this unless the alternative is mutually assured destruction of their shared infrastructure,” ZDNET reported last week, contending this was not hyperbole.
The Mythos Preview’s ability to reproduce vulnerabilities jumped to 83.1% from a score of 66.6% at the Claude Opus model stage.
“The window between a vulnerability being discovered and being exploited by an adversary has collapsed. What once took months now happens in minutes with AI,” said Elia Zaitsev, Chief Technology Officer at CrowdStrike, speaking to SOCFortress.
It will be fascinating to watch as powerful rival firms, some of them considered systemically important financial institutions (SIFIs), and the open-source community team up to produce a defensive mechanism that could provide greater protection from hackers than ever before. If it never falls into the wrong hands, that is.