The creators of the AI chatbot Claude have accused hackers linked to the Chinese government of using their technology to automate cyberattacks on nearly 30 organisations worldwide.
Anthropic labelled this as the “first reported AI-orchestrated cyber espionage campaign,” though some experts remain sceptical.
Anthropic discovered the attacks in September, when hackers posing as cybersecurity researchers commanded Claude to perform small automated tasks that combined into a sophisticated espionage effort. Targets included major technology firms, financial institutions, chemical companies, and government agencies, but specific names were not revealed.
The hackers used Claude’s coding skills to build software enabling mostly autonomous breaches with minimal human input. Anthropic claims Claude successfully infiltrated several unnamed organisations and extracted sensitive data, then blocked the attackers and alerted relevant parties.
Despite these claims, cybersecurity experts called for more concrete evidence. Martin Zugec of Bitdefender said, “Anthropic’s report makes bold, speculative claims but doesn’t supply verifiable threat intelligence evidence.” He stressed the need for transparency to understand the real danger posed by AI-driven attacks.
Similar reports have emerged from other AI providers. Earlier in 2024, OpenAI revealed it disrupted activities by state-linked actors using AI mainly for information gathering and basic coding, rather than full automation.
Some researchers argue AI is still too limited for fully autonomous cyberattacks. A recent Google study highlighted growing hacker interest in AI but deemed current threats experimental and not widespread. Meanwhile, China’s US embassy denied any involvement.
Anthropic acknowledged Claude’s imperfections, including fabricating false credentials and misreporting publicly accessible information as secrets, showing current obstacles to fully automated cyber warfare.