An AI model from Anthropic, tested under tightly controlled conditions, reportedly surfaced two classified vulnerabilities inside National Security Agency systems in a matter of hours, an outcome that surprised people who observed the exercise.
The twist: after a decision tied to former President Donald Trump, parts of the NSA no longer have full access to the tool, known as “Mythos,” according to the French outlet BFMTV. That leaves the agency trying to defend some of America’s most sensitive networks while losing, at least in part, an accelerator it had just validated.
The episode underscores a growing reality in U.S. cyber defense: the most powerful tools increasingly live in the hands of private AI companies, and access can become a political and contractual pressure point as much as a technical one.
Table des matières
A red-team exercise that moved faster than expected
The reported results come from a “red team” test, standard practice in cybersecurity where authorized testers simulate an attacker to find weaknesses without causing real-world damage. In this case, Mythos was used in a sanctioned, supervised environment, not in an uncontrolled breach.
According to details that leaked from the exercise, the model identified vulnerabilities in highly sensitive, classified systems within hours. Sen. Mark Warner of Virginia, the top Democrat on the Senate Intelligence Committee, was cited describing Mythos as able to effectively “get into” nearly all the targeted classified systems during the drill on that same rapid timeline, language that can mean quickly finding weak points, not necessarily fully compromising systems.
Officials also stressed the setup wasn’t anything like an open internet target. The systems were isolated, access was limited, and the test environment was highly specific, conditions an average attacker couldn’t replicate from a laptop at home. Even so, the time savings were described as dramatic.
Finding a vulnerability isn’t the same as exploiting it
The reporting draws a bright line between identifying vulnerabilities and successfully exploiting them. Mythos appears to have been used to spot weak configurations, risky software versions, fragile dependencies, or suspicious patterns quickly, not to instantly weaponize those findings into a full takeover.
That distinction matters. Real exploitation often requires custom code, precise conditions, and multi-step “chains” that bypass layered defenses. Classified networks are typically designed to limit blast radius through segmentation, isolation, and tightly controlled access paths.
Still, speed alone can be decisive. If an agency can identify likely weak spots faster, it can triage and patch faster. In a world where defenders can’t fix everything at once, better prioritization can translate into real operational advantage.
Why losing access to Mythos is a big deal
After the Trump-related decision, BFMTV reports that part of the NSA lost access to Mythos. The political move became a cyber problem overnight: an internal capability that had just proven useful, reportedly beyond analysts’ expectations, was suddenly harder to use consistently.
The situation highlights a dependency risk. When a government agency leans on a model built and controlled by a private company, it’s not just buying software, it’s relying on ongoing access to a proprietary system, shaped by contracts, governance decisions, and shifting politics.
And continuity matters in security testing. Red-team exercises aren’t one-and-done; teams rerun them to measure whether fixes actually reduce exposure. If access becomes partial or intermittent, it gets harder to reproduce conditions and track progress over time, forcing teams to patch together alternatives that may not perform as well.
How AI is reshaping security audits, and the tradeoffs
In modern cyber defense, AI is increasingly used to do three things at scale: assess risk, prioritize fixes, and detect anomalies. Models can sift huge volumes of logs, configurations, and code, then surface patterns that would take human analysts days to piece together.
That can also change how teams work. Instead of spending most of their time hunting for the needle in the haystack, analysts can focus on validating leads and fixing confirmed problems. But it introduces new failure modes: too many false positives burn out teams; too many false negatives create blind spots.
There’s also a governance challenge. Even in isolated environments, using external AI tools around classified systems raises hard questions about data handling, access controls, and what information the model can “see.” The same capabilities that help defenders can also, in other hands, accelerate attackers, fueling an AI-driven arms race in vulnerability discovery.
The bigger implication is strategic: if AI can compress vulnerability discovery from days to hours, access to the best models becomes a national security lever. And decisions about who gets that access, and when, can ripple through the pace and effectiveness of U.S. cyber defense.
Key Takeaways
- Anthropic’s Mythos identified vulnerabilities in classified NSA systems within a few hours during a supervised test.
- The test was not a real intrusion, and finding a flaw does not necessarily mean it can be exploited immediately.
- Partial loss of access to Mythos after a political decision complicates audit continuity and defense strategy.
Frequently Asked Questions
Did Mythos really “hack” the NSA?
No. The available information describes an authorized, controlled red-teaming exercise in which Mythos identified vulnerabilities very quickly. The officials quoted also explain that finding a flaw doesn’t mean exploiting it at the same time, especially on classified systems that are isolated and heavily segmented.
Why is losing access to Mythos a problem if the NSA already has experts?
Because the value is in speed and the ability to ingest a lot of information to prioritize. Even with very strong analysts, an AI can drastically reduce the time it takes to discover vulnerabilities, which helps teams fix them sooner. If access is cut off, teams have to fall back on slower methods or other tools, which affects timelines.
Can this kind of AI also help defend in real time?
Yes, in principle. Approaches described in the cybersecurity literature emphasize anomaly detection and analyzing large volumes of data to spot suspicious behavior, prioritize risk, and automate part of the response. But you have to manage alert reliability and keep humans in the loop, especially in sensitive environments.
Sources
- Après la décision de Donald Trump, une partie de la NSA n'a plus accès à Mythos: et c’est gênant, l’IA d’Anthropic avait détecté des failles dans des systèmes classifiés hautement sensibles en quelques heures seulement
- L’intelligence artificielle de pointe (ITSAP.10.050) – Centre canadien pour la cybersécurité
- AI Security Explained: How to Secure Artificial Intelligence | BigID
- Quel est le rôle de l'IA dans la détection des menaces ? – Palo Alto Networks
