ECB hosts online meeting on AI cybersecurity challenge

ECB hosts online meeting on AI cybersecurity challenge

European governments and businesses are particularly unsettled by Anthropic’s Mythos, which has been withheld from the public over fears its unrivalled ability could expose vulnerabilities even in robust IT systems.

Amid a rise in increasingly sophisticated cyberattacks on banks, the European Central Bank (ECB) is keen to assess their resilience against AI-driven attacks. (File pic)
FRANKFURT:
The European Central Bank (ECB) hosted an online meeting Tuesday of hundreds of public and private sector figures to gauge how prepared organisations are for cybersecurity risks posed by powerful AI systems such as Anthropic’s Mythos.

The meeting, organised by Frank Elderson, ECB vice-chair of supervision, brought together “more than 300 participants from industry, the public sector and representative associations… to share experiences, exchange available information and discuss common challenges,” a source familiar with the agenda told AFP.

It was aimed at supporting “the preparation of action plans”, the source said, adding the exchanges would continue in the future.

European governments and businesses are unsettled in particular by Mythos, which Anthropic is keeping from the public because of its reportedly unparallelled ability to identify and exploit cybersecurity vulnerabilities in even robust IT systems.

Anthropic last month said it had restricted the release of Mythos to 40 major tech firms to give them a head start in fixing weaknesses.

But it has kept that access to US companies and government agencies — leaving European ones in the dark as to its capabilities and what steps they might need to take.

With an increase already in increasingly sophisticated cyberattacks against banks, the ECB is keen to find out how resilient they can be against AI-augmented assaults.

“This is an urgent situation –- we are not dealing with a distant scenario,” Elderson said in an interview published on the ECB’s website.

He said that there “are at least three ways in which Mythos is significantly more advanced than existing tools”.

One was Mythos’s ability to “discover and exploit vulnerabilities at a speed and scale far beyond what we have seen before”.

Another was the way it could harness minor vulnerabilities and turn them “into serious attacks that previously could only be carried out by teams of experts working over several days”.

And third, he said, “it can reverse-engineer patches into exploitable vulnerabilities at unprecedented speed, conducting attacks that used to take weeks in a matter of hours, or even faster”.

Elderson added: “Unfortunately, euro area banks currently do not have access to Mythos — it has only been made available to a limited number of organisations in the US.”

The ECB supervises 111 of the biggest banks in the eurozone, including subsidiaries of large American banks such as JPMorgan Chase, which has been granted access to Mythos.

US authorities, too, have been sufficiently wary of Mythos’s capabilities to have the Treasury and the Federal Reserve call a meeting last month of the big American banks to evaluate the cybersecurity risks posed by the AI model.

Stay current - Follow FMT on WhatsApp, Google news and Telegram

Subscribe to our newsletter and get news delivered to your mailbox.