Claude Mythos in Banking: AI on the Way to Information Security
A new AI model is currently causing a stir in the world of cybersecurity: Claude Mythos. What initially appears to be just another technological leap is actually quite significant – because, for the first time, it becomes clear how AI not only identifies vulnerabilities but can also potentially turn them into attacks of its own accord. For banks and financial services providers, this creates an immediate need for action. In this article, we analyse this development for you and show how you can set the right course today for greater security and resilience.
When AI becomes an active threat: Why banks need to rethink their approach now
The AI model recently unveiled by Anthropic – Claude Mythos – marks a paradigm shift at the intersection of AI and security: if AI agents and models can not only identify your organisation’s technical vulnerabilities but also exploit them autonomously and reliably in attacks, the core security promises of modern information security come under pressure and must be re-evaluated.
For banks and financial services providers, this is not an abstract debate about the future. The industry thrives on stability, standardised processes and controlled changes. This makes perfect operational sense – and yet it is precisely this that can lead to sluggishness in a crisis. Many institutions operate with core systems that have evolved over decades, heavily outsourced services and tightly scheduled change windows, as well as technology components that are also used by the majority of their competitors.
In this blog post, we examine Claude Mythos from our industry’s perspective and provide recommendations that you can effectively implement today to prevent tomorrow’s damage.
What Claude Mythos can do – and where its limits lie
Anthropic describes Claude Mythos as a model with exceptionally strong capabilities in cybersecurity. In publicly available tests, the model identified so-called zero-day vulnerabilities in major operating systems and browsers, generated complex attack chains, and, in a Firefox benchmark, developed significantly more working exploits than its predecessor (138 compared to 2).
Crucial factors here are both the hit rate and the underlying architecture of Claude Mythos, which makes this hit rate possible in the first place. Mythos combines its cybersecurity expertise with outstanding programming ability, ‘thinking capacity’ and autonomy as an AI agent. Whilst it was still possible until recently to argue that even the best AI models would be useless for exploiting vulnerabilities without human assistance, Claude Mythos now calls this into question entirely. And not because it automatically turns every vulnerability into an attack, but because it significantly lowers the threshold for highly dangerous attacks. Tomorrow’s hacker need not hold a PhD in computer science.
Despite all this, alarmism would be the wrong response. Further, and above all independent, tests and reports are needed. In the meantime, Anthropic has severely restricted access for the time being and placed the model in controlled, defensive environments via ‘Project Glasswing’, so that it can be investigated more thoroughly whilst ensuring it does not fall into the hands of potential attackers.
Why this is of particular importance to banks and financial service providers
Banks rarely operate in a vacuum
Instead, they operate within highly complex environments comprising core banking systems, specialist applications, off-the-shelf software, outsourced services and heavily regulated approval processes. This complexity remained manageable for as long as changes to the estate were similarly complex and correspondingly slow. If exploiting vulnerabilities becomes that much easier and faster with the help of AI, technical and organisational complexity becomes a problem.
In banking, it is not just efficiency that scales, but also vulnerability
Institutions often use the same products, third-party service providers and security mechanisms. What works in one bank is therefore often not far removed from what works elsewhere. This is precisely where a single vulnerability can become a widespread problem for the entire industry.
DORA and the EU AI Act are raising the bar
Digital resilience is no longer just a technical issue, but a management discipline. ICT risk management, incident reporting, penetration testing and third-party risk management are now enshrined in regulations. In this context, information registers, AI registers and the information network were never merely a burdensome side task, but a prerequisite for knowing, in the event of an emergency, which service providers, subcontractors and technical dependencies are affected. Their value is increasing significantly with AI-based attacks.
Speed alone is not enough
The ECB has pointed out that, by 2025, a significant proportion of reported serious ICT incidents will be attributable to IT changes. Banks must therefore be able to do both: react quickly whilst still making changes in a controlled manner. This is precisely what makes an already challenging topic even more demanding against the backdrop of AI security.
What you should be doing right now to improve AI security
Claude Mythos is not yet available to the public. Nevertheless, we recommend that you take the following steps today.
- Use AI models defensively: Perhaps the most important point is also the simplest: don’t wait for Claude Mythos. Start working defensively today with available, powerful AI models, such as Opus 4.6, Gemini 3 and GPT 5.4. Whilst you won’t be able to automate everything reliably straight away, you will learn to establish the right working practices. Gain not only speed, but also routine.
- Reduce exposure time: Many organisations still focus heavily on vulnerability assessment, tracking and relevant committees when it comes to vulnerability management. This remains important! In the current threat landscape, however, the actual time taken to effectively remediate vulnerabilities is becoming the more critical metric. You should therefore check where patch cycles are too lengthy, which approval steps have developed purely historically, and where security needs to be implemented more quickly in operations and not just in policy.
- Rethink incident response: Not every improvement requires a major project. Much begins with the initial assessment: Is the finding plausible? How serious is it? Has it happened before? Which systems and service providers are affected? This is precisely where agents and AI can already help today. The same applies to preparing incident response steps and documenting them in a structured manner. Anyone who accelerates these sub-tasks and improves their quality with the help of AI relieves the burden on specialists where it matters most and strengthens security.
- Prioritise legacy systems and third parties: Claude Mythos makes old truths more expensive. Poorly documented and consequently poorly understood legacy applications, as well as cumbersome third-party management, were already problematic but not always given high priority. Banks and financial service providers should be familiar with their legacy systems and regularly assess their criticality. Furthermore, the operational feasibility of security measures relating to third-party ICT service providers must be scrutinised: escalation, information provision, audit, business continuity and exit are only helpful under time pressure if they actually work in practice.
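As an added illustration of the exposure-time metric and the triage questions recommended above (this is example code, not code from the original article or from Anthropic), the following Python script takes a constructed set of vulnerability findings and computes the median time-to-remediate per severity, lists the open findings that have already breached a remediation SLA, and answers the triage question “Has it happened before?” by looking up earlier findings on the same asset. The SLA thresholds, asset names, dates and finding identifiers are all assumptions chosen for the example.

```python
from dataclasses import dataclass
from datetime import date
from statistics import median
from typing import Optional

# Assumed remediation SLAs in days per severity. Each institution sets its
# own (typically from its ICT risk policy); these values are placeholders.
SLA_DAYS = {"critical": 7, "high": 30, "medium": 90, "low": 180}

# Reference date for the report (constructed).
TODAY = date(2025, 4, 15)


@dataclass
class Finding:
    finding_id: str
    asset: str
    severity: str
    detected: date
    remediated: Optional[date]  # None while the finding is still open

    def exposure_days(self, today: date) -> int:
        """Days the vulnerability was (or still is) exploitable."""
        end = self.remediated or today
        return (end - self.detected).days

    def breaches_sla(self, today: date) -> bool:
        """True if exposure already exceeds the SLA for this severity."""
        return self.exposure_days(today) > SLA_DAYS[self.severity]


# Constructed sample findings; none of these refer to real systems.
FINDINGS = [
    Finding("F-001", "core-banking-db", "critical", date(2025, 3, 1), date(2025, 3, 4)),
    Finding("F-002", "payments-gateway", "critical", date(2025, 3, 2), date(2025, 3, 20)),
    Finding("F-003", "legacy-mainframe", "high", date(2025, 2, 1), None),
    Finding("F-004", "hr-portal", "medium", date(2025, 3, 10), date(2025, 4, 1)),
    Finding("F-005", "ext-reporting-svc", "high", date(2025, 3, 15), date(2025, 3, 30)),
    Finding("F-006", "core-banking-db", "high", date(2025, 4, 10), None),
]


def exposure_report(findings, today):
    """Return (median days-to-remediate per severity for closed findings,
    open findings already past their SLA, all findings that breached SLA)."""
    closed_days = {}
    for f in findings:
        if f.remediated is not None:
            closed_days.setdefault(f.severity, []).append(f.exposure_days(today))
    medians = {sev: median(days) for sev, days in closed_days.items()}
    open_overdue = [f.finding_id for f in findings
                    if f.remediated is None and f.breaches_sla(today)]
    all_breaches = [f.finding_id for f in findings if f.breaches_sla(today)]
    return medians, open_overdue, all_breaches


def prior_findings_on_asset(findings, finding_id):
    """Triage helper for "Has it happened before?": IDs of earlier findings
    detected on the same asset as the given finding."""
    current = next(f for f in findings if f.finding_id == finding_id)
    return [f.finding_id for f in findings
            if f.asset == current.asset and f.detected < current.detected]


def demo_report():
    """Run the report against the constructed findings at TODAY."""
    return exposure_report(FINDINGS, TODAY)


if __name__ == "__main__":
    medians, open_overdue, breaches = demo_report()
    print("median days to remediate:", medians)
    print("open and past SLA:", open_overdue)
    print("all SLA breaches (closed or open):", breaches)
    print("prior findings on F-006's asset:", prior_findings_on_asset(FINDINGS, "F-006"))
```

The distinction between the two breach lists matters in practice: open findings past their SLA are what the operations team must act on now, while closed findings that breached their SLA on the way to remediation are the evidence for the process review the article calls for (which approval steps or change windows stretched the patch cycle).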
Summary
Claude Mythos demonstrates that AI is transforming information security: in future, vulnerabilities will not only be identified more quickly, but can also be exploited in dangerous attacks with significantly less effort and a high degree of automation.
Because legacy IT systems, changes subject to extensive compliance requirements, standardised technologies and numerous third parties can particularly increase vulnerability to AI-driven attacks, banks and financial service providers are called upon to face this challenge.
Neither alarmism nor a wait-and-see approach is called for. Recognise the implications of Claude Mythos and assess them realistically in light of your current situation. The targeted use of AI for defence, robust incident response processes and appropriately managed third-party relationships remain central pillars of digital resilience. Those who build these capabilities today will strengthen not only AI security but digital resilience as a whole.