A serious warning has just been announced that has caused global cyber and technology concerns. According to US – based artificial intelligence firm Anthropic, they promptly detected and stopped a large – scale cyberattack campaign led by a group of foreign hackers. What’s extraordinary and shocking here is that much of the process of infiltrating the system is not directly controlled by humans, but is done almost entirely by artificial intelligence.
In particular, Anthropic said last September that the hackers exploited the Claude Code programming tool – a self – developed AI product – to conduct offensive operations. The goal of the campaign was around 30 organizations, including various financial institutions and government agencies in various countries. Although the number of successful intrusions is limited, it is feared that 80 – 90% of the steps in the attack process are automated by the AI. This is the first documented instance of a hack campaign that almost requires no direct human intervention.
Anthropic has not revealed the identity of the organizations targeted, but has confirmed that hackers have collected part of the internal data. More notably, in the process of being taken advantage of, AI systems sometimes generate inaccurate information, even claiming to have found sensitive data, when in reality they are only public, accessible sources of information. This reveals the limitations and potential risks when the AI is placed in situations beyond its original purpose.
Anthropic claims they have implemented multiple layers of protection to prevent the misuse of AI for illegal activities. However, the hacker group is said to have overcome these barriers by a rather simple but effective method: asking the AI to impersonate a cybersecurity expert who is conducting a legitimate test of the system.
Not all experts, however, have rated the incident at the highest level of alarm. Some argue that this is merely a form of advanced automation, not an artificial intelligence capable of independent thinking and decision making.
However, according to WhiteHat experts, AI is moving very fast to the point of being able to fully automate cyber attacks. If this trend is not tightly controlled and monitored, the risk of more similar incidents of larger scale and more severe damage in the future is unavoidable.
