AI model: Why banks are worried about Anthropic’s latest

Toby Walsh

The legendary American bank robber Willie Sutton spent 40 years robbing banks because, as he claimed in his autobiography, he loved doing it. And when asked why he chose banks of all places to rob, he allegedly replied, “because that’s where the money is.”

Back in 2017, I wrote a book predicting it wasn’t just lovable rogues like Sutton who would soon be robbing banks, but artificial intelligence (AI).

That day, it appears, could now be about to arrive. Banks around the world are seriously worried cyber criminals will soon take advantage of the latest advances in AI to try to rob them.

Digital back door into vault

The finance world’s concern rests on the impressive cyber capabilities of a product called “Mythos”. This is the latest and most capable AI model from Anthropic, the company behind the popular Claude chatbot.

As a member of the public, you can’t access or use this model – for now. That’s because Anthropic (and many others) believe Mythos is too capable to launch upon an unsuspecting world.

Internal testing of Mythos has uncovered thousands of severe security vulnerabilities across every major operating system and web browser.

Some of these vulnerabilities have gone undetected for decades. Many are what tech insiders call “zero-day” vulnerabilities – attacks that are so dangerous that developers need to fix them in zero days’ time.

Model not for public use

To counter this emerging threat, Anthropic has made the model available to a dozen partners of a defensive coalition that includes Microsoft, Amazon Web Services, Apple, Cisco and the Linux Foundation.

The company has also committed $100 million in usage credits and $4 million in open-source grants to start finding and fixing these bugs.

More than 40 additional organisations – including a number of US banks – have also received access. However, worryingly, to our knowledge, Anthropic has not yet granted access to any banks in Australia, the United Kingdom, or Europe.

To add to concerns, on Wednesday, Anthropic confirmed it was investigating claims in a Bloomberg report that a small group of unauthorised users had gained access to Mythos. However, at this stage, there is no suggestion this alleged access was for malicious purposes.

Should you be worried?

Last week, regulators and policymakers from around the world gathered at the International Monetary Fund spring meeting in Washington. The Iran war was a major focus. But attendees also issued a series of warnings about this emerging cybersecurity threat to the banking industry.

Not only are banks an attractive target, being where the money is, but the industry runs on many legacy systems: decades-old technology that may be especially vulnerable to these sorts of attacks.

You personally don’t need to be too worried. Many countries have strong protections for bank customers. In Australia, for example, the first A$250,000 of a customer’s deposits are insured through the government-backed Financial Claims Scheme.

And the Australian Securities and Investments Commission ensures banks investigate and reimburse fraudulent transactions where the customer is not at fault.

So, it’s probably not a wise idea to withdraw your cash and put it under the mattress. But banks should be (and are) rushing to plug these vulnerabilities.

Evolving threat landscape

In the longer term, Mythos exposes the challenge that defence is much harder than attack. Software is one of the most complex products humanity builds. It is therefore almost impossible to ensure it is bug-free.

That puts us in an unending race against the “bad guys” to uncover and fix faults before they get exploited.

For example, with significant fanfare, the European Union just released its age verification app, designed to be a cornerstone of the emerging laws on access to social media, pornography and other age-restricted content. However, within hours, security experts found cyber vulnerabilities that underage users could easily exploit.

In the most critical settings, we can try to prove mathematically that our software is bug-free. For instance, the Beneficial AI Foundation just announced an ambitious “moonshot” project to prove that the popular messaging app Signal is bug-free and protects privacy as claimed.

But such efforts are the exception today rather than the norm. Perhaps further advances in AI could soon help reverse this.

The Conversation
