What could Claude Mythos mean for healthcare cyber risks?

In April, Anthropic made the announcement that it would not release its new frontier model, Claude Mythos, to the public. The model has the ability to “surpass all but the most skilled humans at finding and exploiting software vulnerabilities,” according to a company blog post. 

Instead of a wide release, the AI company announced the Project Glasswing initiative that brings together several high-profile technology and cybersecurity companies, including AWS, Cisco, Apple, NVIDIA and more, to use Mythos Preview for defensive work. The initiative also grants access to more than 40  organizations that “build or maintain critical software infrastructure.” Anthropic intends to share the project’s findings. 

While the capabilities of this model are yet to be widely available, it signals where AI is headed and the major cybersecurity risks it fuels for critical infrastructure, including healthcare. 

Faster than ever exploits

The capabilities Anthropic attributes to Mythos have the potential to supercharge threat actors’ abilities to find vulnerabilities and exploit them to execute attacks on the healthcare sector. The company has used the powerful model “to identify thousands of zero-day vulnerabilities (that is, flaws that were previously unknown to the software’s developers), many of them critical, in every major operating system and every major web browser, along with a range of other important pieces of software,” according to the company blog post.   

Another blog post from Anthropic describes how Mythos Preview could be used by non-experts to exploit vulnerabilities and how the model could be used to autonomously target vulnerabilities. 

“It raises the stakes because healthcare is already a prime target,” said Errol Weiss, the chief security officer of Health-ISAC, an information sharing nonprofit for the healthcare sector. “The bottom line for us is if there’s a persistent long-term outage, people could die.” 

Figuring out the new threat landscape

While Anthropic and its Project Glasswing partners are attempting to tip the scales in favor of defensive cyber capabilities, it foreshadows growing AI-powered cybersecurity risks. Already, an unauthorized group claimed to have gained access to Mythos, although not with malicious intent, TechCrunch reported.   

Healthcare stakeholders are faced with the prospect of what could happen if threat actors are able to gain the powerful capability to find and exploit vulnerabilities faster than humans can respond. 

“Healthcare, pretty much all critical infrastructure, is not prepared for the speed, velocity, depth and impact that’s going to come [from] this,” said Jason Elrod, CISO at MultiCare Health System.   

Many healthcare organizations struggle with the current threat landscape, let alone the one that Mythos portends. 

“When people have asked me: What are the biggest challenges facing CISOs today in healthcare, my usual answer is the lack of resources that they need to adequately protect the network.,” said Weiss. 

Resource constraints are not a simple matter to solve. AI is creating a kind of arms race in cybersecurity in which defenders and attackers both use the technology to achieve their respective goals of thwarting and executing attacks, respectively. But healthcare organizations do not have an endless budget to spend on new AI capabilities.  

“We have this arms race where the bad guys are doing something and people are coming out with new models all the time. That’s just going to cost more. And I have to implement it. And I don’t have the money. I don’t have the resources,” said Elrod. 

Healthcare organizations may not be able to buy all of the latest AI-backed cybersecurity tools, but they will be tasked with finding ways to integrate AI capabilities with the resources they do have. 

“How can I reduce headcount? How can I reduce spend? How can I be more efficient? How can I do more with what I have or with less? That is the wrong way to think about AI,” said Elrod. “We need to actually concentrate on redefining roles, values and incentives to say, I’m going to have AI as well as a human in a role, and I’m going to build the role that way so we can take advantage of that.” 

The sector needs to focus on the fundamentals of cybersecurity as well, a point both Elrod and Weiss raised.   

Multifactor authentication is a tenet of basic cybersecurity hygiene, but it is not always uniformly applied in the healthcare sector. In 2024, the disruptive cyberattack on Change Healthcare was possible because UnitedHealth wasn’t using MFA on the system that attackers used to gain entry. 

In addition to the fundamentals of cybersecurity — like MFA, zero trust, microsegmentation, patching, testing backups — healthcare leaders also need to be thinking about how they are going to respond if and when AI can find and exploit vulnerabilities in near real time.   

“I cannot make all my vulnerable systems invulnerable,” said Elrod. “So, what I have to do is I have to be able to manage the exploitability of those systems.” 

That means thinking about minimizing the threat environment, maximizing control in that space and limiting the blast radius if an attacker is able to exploit a vulnerability, according to Elrod.   

Third-party risk management is a big part of that equation. Healthcare organizations are not only vulnerable because of their internal networks. The entire supply chain is a part of cybersecurity risk management. An attack on one vendor can have a cascading impact across the entire healthcare industry, as it did in the case of the Change Healthcare cyberattack. 

Healthcare organizations need to think about how they are adapting their own approach to cybersecurity in response to escalating AI-fueled threats, and they need to be asking if their vendors are doing the same. 

Carrie Pallardy, a Chicago-based freelance writer and editor, began her career covering healthcare more than a decade ago. Her work has taken into many different industries, but covering healthcare delivery remains a constant focus. She can be reached at [email protected] or on LinkedIn.