Facepalm: It appears that the US government isn't completely against American agencies using technology from Anthropic, a company it designated a "supply chain risk" earlier this year. According to a new report, the NSA is using the AI firm's Mythos model "for offensive cyber operations."
The Financial Times reports that Anthropic has installed half a dozen engineers inside the NSA as forward-deployed staff. Their job is said to involve guiding the agency's use of Claude Mythos and customizing the model for specific applications.
It remains unclear whether the Anthropic employees are helping with live hacking operations, or if Mythos is being used in active campaigns. But one person close to the arrangement told the FT that the model would be useful for infiltrating networks in countries such as China and Iran. The logic is that US adversaries are likely to be using cyber-focused AI systems of their own, making an early advantage important.
The report fits the NSA's remit, which includes collecting signals intelligence through wiretaps, undersea cables, corporate partnerships, and other clandestine methods, as well as offensive cyberattacks against foreign adversaries. The agency declined to confirm or deny the report, while Anthropic did not comment.
In February, the Pentagon threatened to cut Anthropic off unless it dropped restrictions on using Claude for mass domestic surveillance and fully autonomous weapons. The dispute reportedly began while Anthropic and the Department of Defense were negotiating a $200 million contract, before the administration demanded broader access to Claude for "all lawful purposes."
Anthropic refused, leading the government to label it a supply chain risk, putting it in the same broad penalty box as firms such as Huawei and ZTE. The company later said it would sue, arguing that the designation was legally unsound.
A federal judge in California temporarily blocked one version of the designation in March, but a Washington appeals court allowed the Pentagon blacklist to remain in place in April. By May, the Pentagon had signed major AI deals with OpenAI, Google, Microsoft, and Nvidia while cutting Anthropic out.
The NSA sits under the Department of Defense, the same department arguing in court that Anthropic's technology poses a national security risk. But reports suggest the NSA was already using Mythos despite the blacklist, implying parts of the DoD may consider the model too useful to ignore.
Anthropic has framed Mythos as a defensive cybersecurity tool. The company launched Project Glasswing in April with partners including AWS, Google, Microsoft, Nvidia, and CrowdStrike, saying Mythos had identified thousands of zero-day vulnerabilities.
This week, Anthropic said partners had found more than 10,000 high- or critical-severity flaws, and access was expanding to around 150 more organizations in over 15 countries.