Last week, researchers from Anthropic made headlines by claiming they had detected what they described as “the first cyber-attack operation coordinated by AI.” This operation reportedly involved the use of the company’s own Claude AI tool to automate a significant portion of the attack, targeting dozens of organizations. However, external experts have approached these claims with skepticism.
In two reports released on Thursday, Anthropic detailed a “highly sophisticated attack campaign” that utilized Claude Code to automate as much as 90% of the hacking process, requiring only minimal human intervention at critical decision points. According to Anthropic, the attackers—identified under the codename GTG – 1002—leveraged AI agents to perform tasks with an “unprecedented” level of autonomy.
“This operation has significant implications for cybersecurity in the era of AI agents,” stated Anthropic. They emphasized that while such systems can enhance productivity and streamline operations, their misuse could facilitate large-scale cyber-attacks with far-reaching consequences.
Despite the alarming nature of these claims, many in the cybersecurity community have raised eyebrows, interpreting Anthropic’s findings as potentially overblown marketing strategy rather than a genuine breakthrough in attack methodology. One overseas netizen described the reports as reminiscent of marketing hype surrounding the PlayStation 2 and its purported use in military applications.
See also
Western Digital Surges 250% in 2025, Outperforming Nvidia as AI Demand SoarsNotably, Yann LeCun, chief scientist at Meta and a Turing Award recipient, expressed concerns over the implications of such claims, suggesting they may be part of a broader regulatory strategy aimed at monopolizing the AI industry. He cautioned that questionable research could be used to push for regulations that stifle open-source models.
The skepticism extended to other industry experts as well. Jeremy Howard, co-founder of AnswerDotAI, remarked wryly that the narrative seems to be a strategic ploy to influence government regulatory actions, thereby securing profits for private sector players.
Further reinforcing this skepticism, Arnaud Bertrand, an entrepreneur, shared his experience with Claude, asking it to analyze its own report for evidence of state-sponsored involvement in the attacks. The AI’s response was blunt: “No.”
A netizen also pointed out that the alarmist narrative surrounding AI capabilities often ignores the well-established tools available to ethical hackers, suggesting that AI’s role in cyber-attacks might not be as revolutionary as anticipated. Kevin Beaumont, an independent researcher, noted that the attackers did not invent any new techniques, reaffirming the sentiment that AI’s integration into these operations has not significantly transformed the threat landscape.
Anthropic’s reports indicate that GTG – 1002’s approach involved automating attack processes through a framework that minimizes human oversight. The reports describe a multi-stage attack that integrates Claude within an automated system capable of managing reconnaissance, initial intrusion, and data exfiltration, all while adapting based on real-time feedback.
However, the reports did not disclose crucial technical specifics, such as the tools used or the exact vulnerabilities exploited. This lack of transparency has drawn criticism from professionals in the field, who argue that credible threat intelligence must include actionable details, such as Indicators of Compromise (IoC) or tactical methodologies.
Critics like djnn, a software engineer engaged in offensive security, assert that Anthropic’s findings do not meet professional standards for cybersecurity research. They emphasize that unverified claims about AI’s role in vulnerability exploitation and data exfiltration lack the necessary evidential support and could lead to serious diplomatic consequences if misattributed.
In conclusion, while the narratives surrounding AI’s capabilities in the cybersecurity realm continue to evolve, skepticism remains a crucial component of responsible discourse. The potential for AI-driven operations poses challenges that demand careful scrutiny and rigorous examination to ensure that both the risks and the realities are accurately represented.
