Spare a thought today for the latest workers to be displaced by AI: hackers.
What happened: Anthropic says that hackers likely associated with Chinese state-sponsored groups used its AI agents to undertake cyber-espionage attacks against major global targets with minimal human supervision.
- The attackers used Anthropic’s Claude Code system to target around 30 “large tech companies, financial institutions, chemical manufacturing companies, and government agencies,” the company reported.
- Claude has safeguards that are supposed to prevent it from being used for malicious purposes, but the hackers got around them by tricking the AI, telling it that it was simply testing the target’s cybersecurity defences (kind of an obvious workaround!)
Why it matters: It’s the first reported cyberattack performed autonomously by AI agents — Anthropic estimates that 80-90% of the operation was done with no human involvement.
- The attack is evidence that AI systems have advanced to the point where someone using affordable, off-the-shelf tools can undertake cyberattacks that would have, in the past, required entire teams of sophisticated hackers.
Zoom out: AI agents are becoming a bit of a cybersecurity nightmare — earlier this year, researchers were able to steal data from Salesforce, Microsoft, Google, and other widely-used platforms using the companies’ own AI agents.—TS