The era of AI-orchestrated hacking has begun: Here’s how the United States should respond
On Nov. 13, Anthropic announced it had disrupted the “first AI-orchestrated cyber espionage campaign,” conducted by Chinese cyber actors using its agentic Claude Code model. Discussed in depth at a congressional hearing on Dec. 17, the operation represents a major escalation from previous malicious uses of AI to generate malware or improve phishing emails, ushering in an era of high-speed and high-volume hacking.
For years, experts have warned that agentic AI would allow even unsophisticated nation-states and criminals to launch autonomous cyber operations at a speed and scale previously unseen. With that future now in reach, policymakers and industry leaders must follow a two-pronged strategy: ensuring that organizations have access to fit-for-purpose cyber defenses and managing the proliferation of AI capabilities that will allow even more powerful cyber operations in the future. Both steps are important not only to safeguard U.S. networks, but also to solidify U.S. technical leadership over competitors such as China.
In a detailed report, Anthropic assessed with high confidence that a Chinese state-sponsored group designated as GTG-1002 used its Claude Code model to coordinate multi-staged cyber operations against approximately 30 high-value targets, including technology companies, financial institutions and government agencies. The campaign produced “a handful of successful intrusions.” The hackers circumvented safety features in the model, breaking the workflow into discrete tasks and tricking Claude into believing it was helping fix cybersecurity vulnerabilities in targeted systems.
Read more at Just Security