How big is the cybersecurity threat posed by the latest AI models?


Artificial intelligence is improving in all areas, including hacking. It’s becoming easier than ever to steal someone’s identity, cripple sensitive banking and healthcare systems, or hold a company’s data for ransom. And if cybersecurity defenders aren’t ready, cyberattackers will leverage AI to wreak havoc.

“The calendar is not years, but months,” warned the multinational intelligence group Five Eyes on June 22. The latest AI technology “lowers the barriers for malicious actors and increases the speed and complexity of attacks.” Five Eyes is a secret alliance dating back to World War II in which Australia, Canada, New Zealand, the United Kingdom and the United States work together to gather intelligence or respond to security threats.

Two new models, Anthropic’s Mythos 5 and OpenAI’s GPT-5.5, have each been shown to independently plan and carry out a full takeover of a simulated business network. That means a single hacker could do what once required a large team, says Michael Alexander Riegler, an AI security expert at the Simula Research Lab in Oslo, Norway. These models can also detect and exploit security vulnerabilities in operating systems, browsers and other software at an expert level, which could leave defenders scrambling to patch vulnerabilities.

“It will be that cat and mouse game again, who finds the hole first, who closes it first or who exploits it first. But at a much higher speed than we are seeing now.”

Michael Alexander Riegler
AI security expert

Five Eyes’ warning follows the US government’s ban on Anthropic allowing foreign nationals access to Mythos 5 and another new model, Fable 5, citing national security concerns. Mythos 5 had been made available solely to cyber defenders to help them identify and fix vulnerabilities before the technology fell into the hands of bad actors. Fable 5, a version of the same model with additional safeguards intended to prevent its misuse in cybercrime, was only available to the general public for a few days.

So, are AI-powered cyberattacks really an imminent threat? Or is it more corporate posturing and hype? Science News asked Riegler about the risks and reality. This interview has been edited for length and clarity.

SN: Are the latest AI models particularly dangerous?

Riegler: Over the past few months, we’ve heard a lot about Mythos and how dangerous it can be. And I agree that AI poses many security risks. When the capacity of these models increases, the time from detecting an issue to exploiting it becomes very short, because you can essentially automate the entire pipeline. But this is not something really new…. [It’s] not just the latest models [that] are a security threat, but also other models already available. If you know how to use them, you can… do really bad things.

It makes sense if you think about it. Tools like Claude Code make coding much more efficient. You can automate the process. You could use several hundred [AI] agents at the same time to explore different security vulnerabilities. Before, you had to hire a group of two to three hundred hackers [for organized cybercrime]. All you have to do is buy 300 GPUs [specialized computer chips used to run AI] and you can do similar things.

SN: So why all the worry about Mythos?

Riegler: I think it’s as much marketing as it is a real danger. If you say, “I’m sitting on something that’s so dangerous we can’t publish it,” a lot of people will really care about it and want to be part of that group that has access…. It’s a bit of a spectacle, and [the U.S. government and Anthropic] focus on the wrong problem.

SN: What is the right problem to focus on?

Riegler: AI poses a huge security risk…. But [the security risk] is not just a question of the model. It’s also about everything related to the model. What kind of tools you provide it, if it has access to the Internet, if it can test its own code. The whole system around it is therefore also very important.

In our tests [with systems combining small AI models and various tools], we created a system that could, for example, hack your website and find security holes in your website, but also hack your network and try to find security holes there. Or it could break another AI and make it do things it shouldn’t do. It’s quite flexible.

SN: Is there an advantage to cybersecurity defenders having access to the same tools as attackers?

Riegler: Security testing your own system will be more effective. I think in the end it will balance out. It will be this game of cat and mouse again: who finds the hole first, who closes it first, or who exploits it first. Just at a much higher speed than we are seeing now.

SN: What can people do to protect themselves against sophisticated AI-based cyberattacks?

Riegler: Be even more careful about using different passwords for different services. Keep your software up to date at all times, and use two-factor authentication. Anything you do that may be a little inconvenient but increases security, I recommend it.

SN: What about businesses and public organizations?

Riegler: When I talk to security experts in different companies or in the public sector, they are always late. Some of them are very scared, others not at all. They need to take the security risks of AI seriously and not think that it is a distant future.
