AI Security Alliance 'Glasswing' Leaves Korea Out... Will It Miss the July Golden Time? [AI Backlash]

The pace of artificial intelligence (AI) development is quickly outstripping human expectations. Its benefits are enormous, but if it is misused or slips beyond human control, the scale of damage could also become unimaginable. As AI becomes an essential tool for people, the burden of usage fees and infrastructure maintenance costs is also expected to rise exponentially. Financial News has launched a series under the theme of "AI Backlash" to examine the risks hidden behind AI-driven efficiency.
Concern is spreading over the so-called "Mythos Shock" triggered by Claude Mythos, a cybersecurity-focused AI model developed by the U.S. AI company Anthropic. As AI moves beyond being a simple coding tool or a vulnerability-analysis aid and becomes an active agent in hacking attacks, calls are growing to rethink response strategies.
■ "The golden time lasts until July"
According to the IT industry on the 26th, experts are converging on the view that in the AI-versus-AI competition, it is urgent to move beyond the existing security paradigm and redesign infrastructure, while also reforming the laws and institutions needed at the government level. At a roundtable co-hosted by PwC Consulting and Democratic Party of Korea lawmaker Yoo Dong-soo on the 23rd, Sangkeun Lee, head of the Korea University AI Security Research Institute, said, "The golden time lasts until early July, when vulnerability information related to Claude Mythos is expected to be widely disclosed," adding, "The NIS should lead the effort to prepare emergency patch guidelines for operating systems, browsers and open-source software as a whole."
There were also calls for integrating the response system along with the redesign of the security framework. Professor Lee Seong-yeop of Korea University said, "Cybersecurity governance needs to be made more efficient and integrated," adding, "An attacking AI does not target each ministry separately, so it is not appropriate to divide the response."
The financial sector is especially sensitive to Mythos Shock among all industries. The reason it is particularly on edge is that financial systems have evolved over decades by stacking patches on top of old legacy code. If Mythos finds vulnerabilities in old code that humans failed to notice, the entire national infrastructure could be paralyzed.
Anthropic's recently unveiled Claude Mythos is said to deliver overwhelming performance in coding, reasoning and cybersecurity, and to be capable not only of detecting vulnerabilities but also of generating actual attack code. For just $20,000, the AI reportedly broke through defenses that countless experts had spent 27 years auditing and testing, and concerns deepened after its potential for autonomous hacking, including sandbox escapes, was confirmed. Anthropic then halted public release.
■ "It must be included in Project Glasswing"
Anthropic is currently operating an early-access program called Project Glasswing for 40 companies and institutions, including Google LLC, Apple Inc., AWS and JPMorgan Chase, allowing limited access to Claude Mythos. However, because the information is shared only within the alliance in a closed format, there are concerns that countries or companies not invited to Project Glasswing could be excluded from the latest cybersecurity supply chain. The Korean government is also moving to respond, but with no Korean company included in Project Glasswing, it has yet to come up with a clear solution.
The government is reportedly seeking additional contact through corporate networks and diplomatic channels. Immediately after Claude Mythos was made public, the Ministry of Science and ICT urgently summoned chief information security officers from the three major telecom carriers, major platform companies, and firms in finance, manufacturing and healthcare for a series of meetings. The Office of National Security also called for a joint public-private-military response.
wongood@fnnews.com Ju Won-gyu Reporter