"AI Hacks AI" ... Security Shaken by Mythos

Since Anthropic unveiled its AI-based security tool, Claude Mythos, calls have grown in South Korea and abroad for stronger defenses against AI-driven attacks. Experts say existing measures, such as tightly controlling security access rights or responding with manual patches after vulnerability detection, are not enough to stop intelligent AI-powered attacks.
According to the IT industry on the 26th, NAVER Cloud said in a report released on its official blog, titled "Security Trends in the Second Half of 2026," that conventional methods of physically controlling network boundaries are no longer sufficient to block sophisticated threats. The most dangerous factor is agentic AI. If hackers use autonomous AI for attacks, they can carry out infiltration and secondary actions at the same time, unlike in manual attacks. Their targets are not only security networks but also the AI systems used by victim companies. The report also noted that "prompt injection" attacks, which use sophisticated prompts to break through AI defenses, could become a channel for leaking corporate secrets. It added that changes in cloud environments are also creating new attack routes.
As Claude Mythos, which Anthropic has disclosed only to select companies, uncovered numerous weaknesses in existing security systems, OpenAI, Google LLC and other Big Tech firms, along with global security companies, launched "Project Glasswing." The initiative is a global collaboration project that discusses defense systems against AI cyberattacks. There are also concerns that, because the project is effectively run on a U.S. company base, the security gap between participating and non-participating countries could widen further.
According to CrowdStrike Holdings, Inc.'s "2026 Global Threat Report," AI-based cyberattacks surged 89% in a year, while cyberattacks are now occurring every 29 minutes, 65% faster than in 2024. Unlike in the past, when hackers had to find system vulnerabilities one by one and design infiltration routes manually, AI now designs attack scenarios on its own, making hacking increasingly automated and mass-produced. In fact, the "Mithril Security Report" jointly published by the Cloud Security Alliance (CSA) and SANS Institute found that the time from vulnerability disclosure to real-world attack, or TTE, fell from an average of 2.3 years in 2018 to 20 hours in 2026.
Corporate security damage is also rising sharply. According to the ransomware tracking site Ransomware.live, the number of ransomware incidents worldwide last year reached 8,159, the highest level in the past three years.
wongood@fnnews.com Juwon Gyu Reporter