Opinion

HEATH MUCHENA | The day cybersecurity stopped being a back-office problem

Banks and crypto brace for risks as AI exposes flaws in critical infrastructure

Heath Muchena

Heath Muchena

Columnist

Services are being restored after a cybersecurity breach at the provincial legislature in the Western Cape. Stock photo.
The writer argues that the issue now is not that machines can 'hack everything'. It is that cyber capability is becoming more scalable. Picture: (123RF/pitinan)

A line has been crossed in AI and it did not happen in search, writing or customer service. It happened in cybersecurity.

Anthropic recently said it would not release its Claude Mythos Preview model commercially. Instead, it placed access behind a restricted defensive program, Project Glasswing.

The company said the model had already identified thousands of high-severity vulnerabilities and described it as capable of outperforming all but the most skilled human experts at finding and exploiting software weaknesses.

That decision matters because it signals a change in what frontier AI is becoming. For years the AI debate centered on productivity, creativity and labour disruption. Now the more unsettling question is whether advanced models are getting good enough at cyber offence to force a redesign of the digital systems modern economies rely on.

Anthropic’s own technical write-up says Mythos could autonomously build exploit chains and find serious weaknesses in operating systems, browsers and cryptographic software.

The issue is not that machines can now “hack everything”, but that cyber capability is becoming more scalable. A gifted human security researcher has always been dangerous.

A model that can accelerate vulnerability discovery, triage and exploit development changes the economics of offence. The bottleneck starts shifting from rare expertise to deployment, access and speed. That is a very different world from the one most institutions still operate in.

Banks are a good example. Regulators and security officials in the US and UK have been engaging with financial institutions after concerns that models such as Mythos could expose vulnerabilities in critical banking systems. The worry is obvious.

A model that can accelerate vulnerability discovery, triage and exploit development changes the economics of offence. The bottleneck starts shifting from rare expertise to deployment, access and speed. That is a very different world from the one most institutions still operate in.

Large banks are not built from clean, modern code alone. They run layered stacks of new software, old middleware, third party integrations and deeply embedded legacy systems. AI does not need to invent a new class of weakness to create trouble. It only needs to get far faster at finding the weaknesses already there.

That may be the most important angle in this story. Frontier AI is not just an offensive tool. It is a brutal spotlight on technical debt. For years, companies and governments could postpone expensive modernisation projects because the old systems still worked well enough.

AI is changing that calculation. If advanced models can inspect brittle infrastructure faster than human teams can patch it, delay becomes its own risk premium. The next great AI trade may not simply be software automation. It may be forced modernisation.

Crypto sits directly inside that shift. The immediate danger is not that AI suddenly breaks bitcoin or collapses encryption overnight. The more realistic near-term threat is that AI accelerates the discovery of bugs in wallets, bridges, exchanges, validators, browser extensions and cryptography libraries. Anthropic said Mythos found weaknesses in major cryptographic implementations tied to TLS, AES-GCM and SSH. In cyber, the failure often appears first in the implementation, not in the maths.

The longer horizon is more serious. The National Institute of Standards and Technology is already pushing institutions towards postquantum cryptography and Google Research recently warned that much of the digital economy, including blockchain systems that rely on elliptic curve cryptography, will eventually need stronger protections.

Ethereum researchers have also said quantum resistance should be pursued well before the threat becomes immediate. AI and quantum are different issues, but together they point in the same direction: the internet’s trust layer is entering an upgrade cycle.

That is why Anthropic’s decision feels bigger than one product. It suggests the most important AI systems of the next few years may not be the ones that entertain consumers, but the ones that inspect the hidden machinery of modern life.

Cybersecurity is no longer a technical afterthought. It is becoming a measure of institutional quality, market resilience and even monetary credibility in a world where code increasingly underpins money, banking and communication.

The future of cyber may belong not to whoever builds the smartest attacker, but to whoever rebuilds trust the fastest.

• Muchena is founder of Proudly Associated and author of ‘Artificial Intelligence Applied’ and ‘Tokenized Trillions’.

Would you like to comment on this article?
Sign up (it's quick and free) or sign in now.

Comment icon
Sign UpLog In

Please read our Comment Policy before commenting.

Editor’s Choice

1

MAHLATSE AT THE WORLD CUP | Latest developments at FIFA World Cup 2026

2

DARYL SWANEPOEL | Unemployment: are we measuring the wrong thing?

3

ANALYSIS | SA newsrooms ill-equipped to deal effectively with AI

4

PHILIP MASEKO | Why Acsa thrives while Prasa implodes

5

ERNST VAN BILJON | The shockwave never subsided

Related Articles