🌅 Chinese Hackers Used AI to Automate Espionage

SOURCE

Anthropic

WHAT TO KNOW

• A group of Chinese state-sponsored hackers used Anthropic’s AI agent to automate a series of online attacks targeting around 30 organizations, including government agencies, tech companies, financial institutions, and chemical manufacturers. Anthropic—maker of the popular Claude AI platform—issued a report detailing the attacks, finding the attackers bypassed the company’s safeguards by tricking Anthropic’s Claude Code tool into engaging in a sort of role-playing, making the system believe it was simply assisting authorized hackers in testing the quality of the organizations’ online defenses.

WHY IT MATTERS

• The campaign, which was first detected in mid-September, is believed to be the first documented case of a large-scale state-sponsored cyberattack executed without human intervention. Anthropic says the attackers used Claude Code’s ability to act independently to an “unprecedented degree,” getting the system to not only advise the attackers, but actually carry out the attacks themselves. The company says the attacks progressed at a speed that would have been “simply impossible” for humans to match.

CONNECT THE DOTS

• In early October, just after Anthropic detected the attacks, the company released a blog arguing an “inflection point” had been reached in cybersecurity, claiming AI models have become genuinely useful for cybercriminals and calling for an acceleration in the defensive use of AI to secure technology and infrastructure. Anthropic believes the attacks are only going to get more sophisticated and effective over time, suggesting less experienced groups with far fewer resources now have the potential to perform large-scale attacks.