NSA lost access to powerful AI model amid anthropic dispute
The National Security Agency has lost access to a powerful artificial intelligence model developed by Anthropic amid the Trump administration’s tussle with the startup, U.S. officials said, stripping the intelligence agency of a tool that has impressed and alarmed its analysts with how good it is at finding software weaknesses.
This month, the Trump administration imposed export controls on Anthropic, citing national security concerns. This action forced Anthropic to delay the release of its most advanced models, known as the Mythos 5 and Fable 5.
NSA cybersecurity analysts were testing versions of the Anthropic tools when the latest models were unplugged.
The controlled tests also proved impressive in the halls of the NSA, a secret stronghold outside Washington that specializes in developing digital espionage techniques against foreign adversaries and protecting American networks from cyberattacks.
The power of Anthropic’s tools and their importance to the NSA were highlighted in Congress this month, which underscored the administration’s growing reliance on the most advanced artificial intelligence systems for cybersecurity, even as it battles a leading U.S. developer.
During the hearing, Sen. Mark Warner, the top Democrat on the Intelligence Committee, said that NSA chief Gen. Joshua Rudd had informed him that Mythos had “penetrated almost all of our secret systems, not in weeks, but in hours.” The comments attracted considerable attention after The Economist cited them in a report.
But Mr. Warner’s statement — about highly technical issues — was oversimplified, officials said, and fueled speculation on social media that the latest AI offerings were even more dire for cybersecurity than they thought. Some have concluded that sophisticated AI models are now capable of rapidly compromising classified networks that should be among the most secure on the planet.
In fact, the tests involved “red teams” of NSA analysts using Mythos in a highly customized environment that would be extremely unlikely for an adversary, officials said. The red teams began their tests within classified NSA systems designed to be accessible only from certain computers and completely cut off from the wider Internet.
The tests found that Mythos was able to quickly identify cybersecurity flaws in that classified network, but did not actually get into those systems, officials said.
Red-teaming is a common cybersecurity practice for stress testing computer systems to identify and patch vulnerabilities. Technology companies large and small, as well as government agencies, routinely engage internal and external red teams to improve their digital defenses.
Still, even if the NSA didn’t experience the doomsday scenario some had feared, the spy agency’s analysts were impressed by how capable Mythos appeared to be in a controlled test environment that exceeded already high expectations.
Cyber security agencies from the United States, Britain, Canada, Australia and New Zealand – an alliance known as the Five Eyes – issued a report on Monday. unusual public statement warning that artificial intelligence is “rapidly changing cyber risk”.
The statement urged businesses to urgently invest in adopting AI to protect their networks before it is too late.
“Frontier AI models are expected to exceed current industry expectations and fundamentally change offensive and defensive cyber capabilities,” the alliance said. He added, in a turn of phrase echoing Mr Warner’s statement: “The timeline is not years, it’s months.”
Antropic first ran into a major conflict with the Trump administration earlier this year over a $200 million Defense Department contract to use AI in classified systems. In a dispute that has become extremely public, the two sides have disagreed on the parameters of how AI technology should be used in war.
In February, Defense Secretary Pete Hegseth moved to label Anthropic as a “supply chain risk,” declaring the company a national security threat. It was the first time the label had been used against an American company. Anthropic sued the government over the label.
In April, Anthropic unveiled Mythos, a new AI model. Mythos has been so strong at identifying security software vulnerabilities that Anthropic said it could pose an existential risk to digital technology — a view supported by some independent security experts but met with skepticism by others. The start-up would retain the model, he added, except for a select few organizations and companies.
The NSA was among the first organizations to be granted access, putting it in the unusual position of testing a product the Pentagon deemed a national security risk. The agency continued to test Anthropic’s latest products until the release of the export control directive this month.
Some administration officials have been seeking a way out of the Pentagon standoff in recent weeks, according to U.S. officials and others familiar with the matter, and are also trying to resolve the issue of export controls.
The White House and intelligence officials pushed through a secret contract between Anthropic and the NSA that would allow the spy agency to use the company’s technology for a variety of purposes, including intelligence analysis and uncovering new computer vulnerabilities.
That contract has not been finalized, and some Pentagon officials want the NSA to find a way to work with other models.