A few hours before Anthropic announced the launch of its newest model, Claude Mythos Preview, on April 7, I had just completed a six-month analysis of AI-enabled cyberattacks. My research traced Chinese state-sponsored cyber campaigns against U.S. critical infrastructure and found that the barrier between nation-state-level hacking and everyone else was eroding far too fast.
By the time I closed my laptop that afternoon, Mythos had shattered that barrier. This new model could theoretically autonomously exploit previously unknown vulnerabilities in virtually every major operating system and web browser on Earth, without human supervision. My threat model, seemingly alarmist at breakfast, was too conservative by dinner.
For years, Anthropic’s CEO Dario Amodei has kept copies of Richard Rhodes’ The Making of the Atomic Bomb on the company’s coffee tables, pressing the book on employees and interviewers alike. His thesis was that the scientists who built the most transformative weapon in history also failed to control how it would be used.
Mythos is Anthropic’s nuclear moment. Not in destructive equivalence, since no zero-day exploit has killed people at the scale of a nuclear weapon, but in the sense Amodei suggests: a weapon with a seismic destructive capability that its makers may be unable to control.
The atomic bomb was not just a “bigger bomb.” Nuclear weapons transformed coercion logic, allowing any state with such weapons to coerce other states in a way that, historically, would only have been possible by defeating them in battle. Mythos promises nearly anyone a coercive power, which, until recently, was the domain of only the strongest governments. The model erases the “state actors” premise in the U.S. doctrine of persistent engagement, wherein rival states’ network penetrations are stabilized by U.S. counter-penetrations. It is a recipe for chaos and asymmetry in the wielding of cyber power.
Like the atomic bomb, Mythos marks a step change that calls into question all prior cyber deterrence logic. The current U.S. response is not moving fast enough against this spiraling threat. This article is a case for why chaotic asymmetry is now inevitable, why defensive AI cannot close the gap in time, and two steps the U.S. government should take as the window of opportunity closes.
The Mythos Moment
Given just 24 hours, Mythos autonomously identified and exploited a 17-year-old remote code execution vulnerability in FreeBSD, an important operating system favored in high-security server environments, granting unauthenticated root access to any machine running it. Unauthenticated root access means an attacker with no credentials or prior foothold gains complete administrative control over a system. Engineers at Anthropic with no formal security training asked the model to find remote code execution vulnerabilities overnight, and woke up the next morning to working exploits.
Whereas prior Anthropic models converted known vulnerabilities into working exploits