7 comments

[ 4.2 ms ] story [ 25.3 ms ] thread
Good on Anthropic for disclosing this and leading the way ethically. I could see other companies trying to keep this buried.
And this is why local run models are absolutely necessary. Sure Claude is better than whatever you can run locally, but to avoid being eavesdropped on every keystroke, just buy older enterprise server with enough compute for 3k USD and run similar model there.
There's a part I didn't understand. How did the model know which companies are vulnerable to attack? I get the part where the LLM was used to analyze documents and create "malicious" software but the biggest missing step seems to be the first one. Someone please correct me if I'm wrong but usually that's either targeted at a specific company or you do a port scan on IP ranges to find any target and proceed from there.
In a sense, is Anthropic an accomplis?
Man, part of me wonders if the same AI arguments are playing out across the criminal underworld. Like, are some criminals afraid of their jobs getting automated? And the old school guys are like, "AI just makes slop crime". And are junior criminals are having a hard time breaking into the industry because they've stopped hiring for intro level gang jobs because the Crime Lords are really pushing their henchmen into using AI for everything?
The article is entirely devoid of detail. Is there a better source for this?
This was inevitable. AI lowers the barrier to entry for cybercrime just like it does for everything else. The concerning part isn't that someone used AI for attacks - it's how "unprecedented" the scale became. Automation lets bad actors operate at a level that would have required entire teams before. Defense needs to scale up accordingly. Manual security reviews can't keep pace with automated attacks.