Bloomberg Audio Studios, podcasts, radio news.
As this tech evolves, we may need to have a more standardized process for if there is a systemically important development in the tech, there is an actual process for deciding who gets access. It's done in a more democratic way, in a more equal way, and that's a hard thing to happen.
I'm Stephanie Flanders, head of Government and Economics at Bloomberg, and this is trump Anomics, the podcast that, as ever looks at the economic world of Donald Trump, how he's already shaking the global economy and what on earth is
going to happen next. And this week's episode is being recorded a bit early on Thursday, the sixteenth of April, in Washington, in the middle of the Spring meetings of the International Monetary Fund and World Bank, where an AI model that few of the officials here had probably even heard of a week ago is threatening to upstage even the conflict in Iran as the subject everybody wants to discuss.
It all started with a Bloomberg story a week earlier revealing that the US Treasury Secretary Scott Bessant had gathered Wall Street bank leaders to warn about mythos the latest AI model from Anthropic that it was so powerful that it could herald a new era of cataclysmic cyber attacks
carried out autonomously by bot. That meeting called at short notice set off alarm bells with central bankers and regulators around the world, who all then rushed to arrange their own meetings to understand how this model and others like
it could raise a new level of systemic threat. But, as with most things AI, the answer turns out to be a bit complicated because the same people who tell you how dangerous this new model is, a model Anthropic itself has said is so powerful it's only making it available to a select group of firms, will also tell you it's going to be the best security against cyber
attacks we've ever had. So frightened, relieved, perplexed, How should we feel about mythos and does the stability of the world financial system and the broader economy really rest on the answer? While we thought it was worth getting some kind of debate going on that with Laura noonan global finance and regulation reporter who's been in DC chasing this
story but is normally based in London. Laura, welcome to the show, Thank you, and Michael Dung is the geoeconomics technology analyst at Bloomberg Economics, and he's previously served as a policy advisor and presidential management fellow in the Chips Program Office at the Department of Commerce.
Michael, welcome back. Great to be back.
Our colleagues actually wrote a big explanatory piece on the day that we're recording, which sort of painted a picture of the testers inside Anthropic, who over the last I guess a few months have been waking up to the extraordinary and potentially quite frightening power of this new model Mythos. Michael, what is it? I guess we should get to basics on what's special about.
It Mythos's Anthropics newest model, and in particular, the capability that's set off alarm bells is its ability to autonomously discover vulnerabilities on a scale that we haven't seen before.
So this capability in itself isn't brand new. If you look at cloud Opis four point six, which is the model immediately preceding this, they did show early signs of this capability in terms of finding five hundred zero day exploits, which are exploits that the developers didn't know about and vulnerabilities that attackers could exploit.
So zero day is you have zero days to fix them because you didn't know about them exactly.
Yes, and those tend to be the most devastating used by hacker groups and even nation states, and generally the ideas that many of them hold a repository of them to use at certain times. Opus four to six already demonstrated ability to find some of these. The difference with Mythos is its ability to find many more of them
autonomously at speed we hadn't seen before. And in many cases, one of the anecdotes was they had researchers who did not have security training essentially instructed to run overnight and the next morning when they came back, it had found
a lot of vulnerabilities. And it's that ability to find vulnerabilities in much of the code and infrastructure that underpins the Internet, our financial system, across every major operating system, internet browsers, et cetera, that I think really is scaring people.
We're going to get into the double edged nature of this, because if you can find the vulnerabilities, then maybe as long as the system is in the right hands, you could potentially fix them ahead of others. The reporting we had on this, one of the paragraphs jumped out at me when they were doing this testing. Is it Mythos orchestrated the digital equivalent of a bank robbery, getting past security protocolsm through the front door of networks, breaking into
digital vaults that gave it access to online treasures. AI had picked locks, but now it could pull off an entire heist.
Yes.
I think that's a great demonstration of where we are in the frontier right And so previously, when you just had the models alone, they were sophisticated. They could program, they could write code well, et cetera. If you've heard all the chatter over the past year Agantic systems, this program that we've seen specifically in Mythos is a perfect demonstration of that. The ability to act autonomously, chained together
independent actions. And I think even more so than finding specific vulnerabilities, that ability to chain together minor exploits into a significant attack campaign is what has researchers most concerned, because that's the ability that's most difficult to guard against.
One of the most popularly circulated graphics, which was at the top of Anthropics release article talking about Mythos was looking at Firefox exploits in which they compare something like Mythos found one hundred and eighty one ways to exploit
Firefox versus two to four point six. But the key there was the one hundred and eighty one In many cases relied on two vulnerabilities specifically, but Mythos specifically using those two was able to find a variety of ways to attack the browser, and that sort of demonstrates the greater latitude of action that this model has versus predecessors.
In some ways, this is an unusual thing for us to be talking about because we're getting into kind of high tech, but of course we're also ai is infiltrating so many different parts of our world. Now, that's why
we would have to talk about it. But Laura, when you came to these meetings, you say in a piece that you've been writing that you might have expected potential for World War three, or certainly major developments in Iram which are causing enormous economic ructions, to be the dominant topic this week in Washington, But they have been a little bit hijacked by Mythos.
Yeah, I mean in terms of the people who are here from a pure financial sector perspectives. So we're talking about the governors, the financial regulators, the banks themselves, the people who are interested in the pure financial sector stuff. The main risk everyone's been talking about has been mythos and what it could mean for the financial sector, and it has been fascinating to watch it evolve because these are people who feel very well versed in understanding financial risks.
They could talk to you about the model underpinning bank capital all day long. These kind of models are brand new territory for them. I think they'll actually benefit a lot from listening to our colleagues comments here, because the level of understanding is just not there, and they read this thing, they think it's big, it's scary. They don't
know how it's going to regain. And if you hear the idea that it could do an entire bank heist in like five minutes, ten minutes, that is terrifying for the people whose job it is to protect the financial system.
Cyber risk cybersecurity must be something that you have been hearing about in these circles for a while. I'm certainly very struck. When you talk to the heads of banks or others, they will reveal just the amount of money, the amount of individuals they have focused only on deterring cybersecurity risks. On a given day, there's just they paint a picture of an onslaught on the bank's security systems on their websites daily. That's just been a fact of
life for years. Shouldn't they be on top of it by now?
I think part of the thing is they feel like they have been spending a lot of time on this and this has still caught them somewhat unaware, even though
they knew there were cyber risks. I think it's the escalation, the fact that this could all happen so quickly, and I think some of them have been somewhat blindsided by this because certainly there is a lot of focus and has been for a long time, and people have been warning about cyber risk, but it's hard to get people to really understand it until it becomes a real and
a present danger. So there were some similar conversations going on around the quantum computing capacity, and people had been concerned that when we have holescale quantum, that's going to lead to a great escalation around cyber attacks, and people were thinking about that talking about that, but it was seen as something which is going to become a reality in five ten years. So I think the idea that there would be this step change in cybersecurity demands so
quickly is what's called people unawarees. And also the financial system hasn't got very good tools to deal with this in a harmonized, unified way, and that's also been a feature of some of the conversations this week.
And Michael, even as we've had this conversation, and I noticed that even in the coverage over these last few days, we had the story that I mentioned at the top about Treasury Secretary bushering in banks, and it was understood to be him warning about this model, but actually it turns out it was also about encouraging banks to use this model to identify the risks and the holes in their system ahead of others, because it's so good at
identifying weaknesses. So I guess it does raise this question is it a threat or is it actually something that's going to make us safer this kind of model.
So absolutely both, and I think a lot of it depends on the timing itself. So in the immediate short term, it's much more of a threat, just because things are changing so quickly, and the velocity, the speed of the threat environment has accelerated so dramatically, and so one of the things is for the attackers have always had a structural advantage, let's say pre AI, in the sense that they could choose a time and place where they attack
and they only need to succeed once. And defenders, as you already alluded to banks for example, face huge campaigns of attacks all over the place and they need to succeed one hundred percent of the time, and if they fail even once, then consequences could be catastrophic. What's changed with anthropic with MYTHOS now is that you see this general upskilling of attacking capabilities across the board.
Right.
That's the initial concern, which is that many people who didn't have the capabilities to attack top institution cyber defense teams could now use Mythos, assuming they get access to it in a year or so when this becomes public, to then attack institution that a scale we've never known before.
But in the long term, the reason this potentially could actually be a benefit is again as you discussed, there's huge potential for this to help defenders scan for vulnerabilities and close the sort of resource gap that they had with the attacking side. There was always a scale mismatch between attackers and defenders, but this helps close that scale for the defender side, who also have an internal information advantage.
They've always had this advantage as well, but were just never able to fully exploit it in the sense that they know their own systems the best, and once they have the scale and the resources that Mythos provides them to act on that information advantage, it actually means we could get mount for secure systems. They could find all the vulnerabilities, gradually patched them out over time, and once you patch a vulnerability, it's gone, so an attacker can
no longer use that. So in the long run you could see this certainly assuming banks and top institutions act quickly enough to look at their own vulnerabilities, which is what this anthropics headstart is giving them right now, then you could see this really benefiting the defense.
There's often a discussion around economists saying that things will be fine in the long run, and then you know, on the famous Canes quote about when the.
Long run, we're all dead.
In the short term, it sounds like if you think the period of quite a heightened risk is going to be when these models are out there, but it's not clear in whose hands they're in, and the state of knowledge on the side of the banks is perhaps mixed. It seems like we're going to have quite a few bumps on the road to that more secure future that you just painted.
Yes, absolutely, and even that more secure future is conditional on a lot of this AI being properly used and properly implemented and deployed across most institutions. One of the things I just discussed about defenders having an advantage is only true in the immediate short term for top institutions with access to these models, with the budgets and the cybersecurity
teams to properly defend their systems and networks. A lot of these smaller bank, smaller institutions, smaller firms across the boardroom in many cases even now, don't have proper cybersecurity teams are going to be even more exposed and vulnerable to heightened campaigns from attackers with much more skill and resources, assuming that they do get access to mythos in time. And in part what needs to happen is I think the infrastructure providers for the Internet for the financial system.
The top institutions themselves need to be much more proactive about pushing out updates and patches to make sure that most of these smaller institutions aren't running their own infrastructure right, and so the infrastructure behind them needs to be more proactive and making sure vulnerabilities are fully addressed so that as a network effect, the totality of the system and the economy is protected. And that's what Anthropic is doing
with Project glass Wing. In addition to their twelve launch partners, these top banks and institutions, they've added in forty plus infrastructure providers because they know this is the quickest and fastest way to reach the most people.
Laura, like the regulators, you're learning on the fly.
You're you're not from our tech team, but I suspect you're going to get more and more by the hour.
You're getting better informed on this.
But just on that point of the sort of this double edged aspect where you've got to be very frightened of this model, but you actually want to make sure that your own institutions get it first so that they can actually use it to spot vulnerabilities. The regulators that you listen to are they getting their heads around that.
I noticed that we had a store.
You know, it does seem like some UK financial firms are going to get hold of this model.
How is that playing?
So it really has opened up an interesting debate about who gets access and who doesn't and also who decides, because it's not actually for the FED, for the Battle Committee for the Bank of England to decide. This model is owned by a non state actor, so they can encourage,
but they don't really have a role there. And the banks who are not currently able to access it, which is every win aside from the biggest US banks, they do feel like they are at a disadvantage because they can't plan and they can't prepare, and they're very keen
to get access to it. There are some of the European officials who were here this week who are trying to softly encourage their peers in the US to encourage the US technology company which owns the model to give the European banks access, but there's no obvious process for that. So it's one of those things whereas this tech evolves, we may need to have a more standardized process for if there is a systemically important development in the tech,
there's an actual process for deciding who gets access. It's done in a more democratic way, in a more equal way,
and that's a hard thing to happen. And one of the challenges for Europe is Europe hasn't exactly got a version in tech industry itself so exta that there are AI issues, they are likely to involve non European companies, and that means that the European large companies who are effectually clients of these AI firms are not going to be at the front of the queue when it comes to getting assistance to dealing with these issues, and that is a challenge which Europe is very acutely aware of.
Michael, I mean, it's odd because Anthropic, you know, we had this news about Scott Bessen. But of course the main dynamic between Anthropic and the US administration recently has been around the arguments with the Defense Department and being categorized, whether it was legal or not, being categorized as a supply chain threat.
How should we read that.
That's the same administration that has said it's a supply chain threat has encouraged all of its contractors to stop using Anthropic Tech is also encouraging some financial firms precisely to use this tool. Have they just given up on the supply chain threat aspect? I, as.
Well as many others, would find the supply chain is designation questionable for Anthropic and that.
The administration hasn't quite fescin.
Yes, the specific use of Nthropic and the argument over that in that context is very much about the Department of Defense not wanting to be constrained in any way in the use of entropics model. The context for its wider use in the financial system and protecting many of our top institutions is much more about the capability of
the model itself. It's a difference between scope of responsibility versus raw capability, and so in this case, I think even even if you assume the supply chain risk designation was somehow entirely legitimate, you would still have to be careful about let's say a Chinese open weight model that's suddenly had this capability. You would still see Treasury briefing all the top banks and institutions to make sure are you aware of this threat? Are you preparing it with
that this threat? Are you actually using this to defend your own system?
It's not just the warning about it, is encouraging them to use it.
Yes, Yeah, I wouldn't be the first to point out that there's a lot of contradictions with this administration.
Well, although going back to what Laura said, we may or may not the way that Pete Hexa sounds or some of the arguments that were used by the Pentagon, but the point of principle that a private sector firms shouldn't be the one dictating where these powers sit and how they're used. That is something that I think people
across the spectrum would have some sympathy with. If this is something that is the difference between having an enormous cyber risk to household deposits important systemic institutions in the financial system, if it's a private sector company that's determining whether you have protection against that or not. There it does seem something undemocratic and wrong about that.
Yeah, absolutely, And I think this is a conversation that's going to intensify as other firms catch up to war Anthropic is OpenAI a week later released GPT five. Four cybursts insert themselves in the conversation to and prove that
they have an equally capable model equally scary model. I think as these capabilities progress, you're going to see more and more discussion about potential government intervention, even talk about government stakes or nationalization to some degree, because these capabilities are game changing that there's no way that a government would tolerate all this power to be held entirely in the hands of private actors. The US right now is by far the most lenient on AI regular and accommodation
of private AI interests. But even that I don't think can hold over time because we're not seeing a plateau on I capabilities anytime soon. And consider the difference between mythos now and where GPT was a year ago, and then build that out two or three more years where we might be with AI and with there being no seeming plateau like technical plateau on the horizon. I think that's really a conversation that needs to be had.
And Laura, you've raised the point about Europe. You listen to what Michael just said, and then you listen to conversations with European policy makers saying we can't afford to have all of our technology stack everything be dependent on US firms. In this case, that's a lost cause. Presumably, if you're talking about the security of the financial system, they're absolutely going to have to be dependent on the US forever. More.
It seems like not just on the US, so I think in this contact you're the US, we also have Asia, so we also have the Chinese AI companies, but it's all foreign And to be honest, the Asia stuff is actually scarier for the policy makers because while you're banks, they're not at the start at the top of the queue. For the US, there's at least friendly and open relationships.
There is more concern that if there were a company in a less collaborative jurisdiction whose which actually developed this kind of technology, they might not give Western banks a heads up to get their defenses out. And I think that's the big concern is what if this develops somewhere that we don't have at least a line of contact into to try and get our banks defended. But in
terms of Europe, the ship has sailed. There are aspirational projects around let's try and invest a lot of money and build our own tech giants, but really that is a very long term plan and most people would say that's probably never going to come to fruition so what's about for them is trying to find the best oversight model for the technology that we live in. And that is a challenging conversation because ultimately it does come to like the main interest of the US financial regulators is
protecting the US financial system. It's the US system first and then the global system second. That is the way people increasingly think about the financial systems of the world.
There has been a real fragmentation in terms of how people see the global financial system, and in these kind of moments, people do think of their own industries first, and I think only once they have secured the biggest, the main US interests, then they will expand the efforts to their colleagues in Europe and to other places which are key markets for them.
Yeah, and I was struck by a piece that you've written where you say officials privately lament the every man for himself approach that's increasingly creeping into global conversations on finance and could hinder the effective sharing of information on risks globally. It feels a bit like the issue we had with vaccine development after COVID, that you had individual countries really looking to protect their own citizens before anyone
else got protected. But is that plausible in a very globally interconnected financial system, doesn't Don't America have a stake in europe financial system, being say, for given how much the inter relationships there are.
It certainly has a stake. So I think it is a different dynamic to vaccines in that sense. But what I would say is it definitely has an interest in global financial stability, but it has an even bigger interest in doing what it can to protect the US financial systems. I think there's certainly a hierarchy there. It's not that the global financial system isn't at all relevant to the US, It's just the main thing, and all of the domestic
agenda here is about trying to protect the US. We hear it in terms of the debate around growth, around competitiveness. We hear it in the EU as well. People's primary concern is trying to help their own industries first, and then we'll deal with the global picture.
Michael Love their responses that regulators should have that address directly some of the things you've been talking about in terms of the key thing being not just access to these kind of tools, but the incentives that institutions would have to patch the flaws that they identify. At the moments, banks aren't forced to do that, but just trusting that they will put in place things that will protect their interest Do you think that's something that needs to change.
Regulators will need to change the way they look at it.
I actually do think there's potentially a case to be made for stronger regulation in one consideration, because even when you have a lot of these banks protecting themselves out of their own interests, it's entirely possible for some of them to have a greater risk appetite over a cybersecurity than others. And you can see that in just basic financial transactions all the time with certain banks, and.
You can see that with the glibl functually crisis. So a lot of them didn't protect themselves as much as the FED and others anticipated.
Yes, exactly, And I do think there needs to be more uniform standard that ensures that banks are properly addressing cybersecurity vulnerabilities and they're up to date and following whatever the latest patching schemes or general paradigms are in the way that a lot of other critical infrastructure industries are as well. Right now, it just seems to be a dialogue and a partnership, but I think the government does probably need to take a more active role as these models get more powerful.
I have heard people talk about different ways of thinking about this risk. There's having the absolute best tools and being part of an arms race where you just make sure that you've got a better tool than the hackers have. But there is also the idea that you limit the risks of any given threat blowing up the rest of the system. I think of it in a very kind of analog way, as you unplug the computer, but you
know that you isolate. You have systems that can be isolated from global networks, so that when you assume you are going to have attax and you just make sure they can't spread through the system. Is there an aspect of that, because it seems like our whole conversation is more about the arms race. You're just going to have to keep up and make sure that you're getting all of your updates all of the time, which for so many institutions is not going to be practical.
I think would be very difficult to do that because in many ways, that's effectively the opposite of how the financial system and the global economy works, and even how Internet infrastructure works. Like I talk about the concentration of core being processing vendors, I also talk about the concentration of cryptographic protocols that protect all the fine networks. There's just not really an effective, scalable way to wall off
individual systems. I'm sure you could do that for individual niche systems, but the moment that a system needs to talk with another system, that inevitably exposes it to all the network vulnerabilities that come with it. And that's the tragedy of the Internet in itself, is that this kind of system of connections was never built for security first, and we're essentially patching in security and resilience on top of that in the best way we can.
And on that bombshell, Laura, last question to you. We thought we would be probably talking about AI this week at the Well Bank and IMF meetings, but possibly more around risks to jobs and economy's longer term but short term potentially the risk to the economy from an AI bubble bursting. Do you think for some of the officials you're talking to, the AI related risk that actually could be most threatening to the global economy right now, the financial system is the one we've been talking about.
It's certainly the one that they're most concerned about this week, but it's also the recency bias. This is something that just emerged a couple of days before the IMF meetings, and everyone's talking about thattand it. Well, it's really been interesting watching people who always understand what they're talking about begin the conversation by asking me what I've heard, because
it's all the fact finding mission this week. But I think there have been long running concerns about the credit quality around AI, the fact there's been a lot of money pumped into data centers. How is that going to play out in the longer term. There's also the jobs macroeconomic thing, but those questions they are also somewhat unanswerable.
So there is a sense that we're going to get a newer term resolution to how this issue plays out than the long term impact of what AI is going to mean for jobs, economics and for the bigger world. That's going to take longer to play out. And similarly, we could see the AI bubble. The AI bubble has been warned about for quite some time and has proved pretty resilient, so far because there's only so many ways that people can frame the same fears about the AI bubble.
So what I think is has given this piece more oxygen is also the fact that people have new things to say on it. Even if the new thing that they're saying is this sounds like it could be very bad and we don't know what's going to happen, but it is at least something new to say. We've heard a lot of warnings about the AI bubble. We've heard a lot of warnings about AI and jobs.
Okay, so enormous amounts of money and attention and potentially large chunks of the financial system going into something that we don't fully understand what could possibly go wrong. Thank you very much, Laura and Michael, thank you, Thank you thanks for listening to Trumponomics from Bloomberg. It was hosted by me Stephanie Flanders. I was joined by Laura Noonan of Bloomberg News and Michael Dunn from Bloomberg Economics. Trumpnomics was produced by Summersadi and Moses and with help from
Rachel Lewis Christy and Amy Keen. Sound design was by Blake Naples and Kelly Gary And to help others find this and enjoy it, rate.
And review it highly. Wherever you listen to podcasts,