NEWSWEEK - analysis
Why the AI Nightmare Is a Dream Come True
Published
Jun 23, 2026 at 12:20 PM EDT
This week, the cyber agencies of the Five Eyes alliance—the U.S., Britain, Canada, Australia and New Zealand—issued a rare joint warning, one that underlined the growing worry around the rapid advances in artificial intelligence.
Frontier artificial intelligence models—those at the cutting edge of technological advances—are poised to transform offensive and defensive cyber capabilities on a timeline measured in months, the Five Eyes warned.
The message echoed recent fears about capabilities unleashed into the world by Anthropic’s Mythos, which was able to, in certain contexts, penetrate some of the National Security Agency’s (NSA) most secure networks.
Scary stuff. Mythos 5 and Fable 5, Anthropic’s two most advanced models, are suspended from public access after the White House pulled the plug over national security concerns, worried about what they could achieve in foreign hands.
The fears are all understandable. The mood across Washington and the West is close to panic. But there's a better, colder way of looking at this, one that perhaps should have boots quaking in Moscow and Beijing more than Washington.
These powerful tools are a strategic gift firmly in American hands first.
The Asymmetry Runs America’s Way
Anne Neuberger spent four years as the White House deputy national security adviser for cyber and emerging technology before joining Andreessen Horowitz, where she is now a general partner and head of global affairs.
"Fundamentally, AI is a dual-use technology," Neuberger, who also spent over a decade in senior NSA and Pentagon roles, told Newsweek.
"It helps our adversaries and it helps us. It helps offense and defense," she added, defining offense as "in our military and intelligence capabilities, for example in guiding a fleet of autonomous ships to achieve a military objective."
"It increases our advantage, certainly in intelligence collection—the first mover advantage, the ability to customize the models for use in classified missions.
"And at the foundation, having the physical compute infrastructure and human talent that makes training these frontier models possible enables this advantage."
Neuberger’s central point is the one missing from much of the panic.
"I do believe that it's asymmetrical in our favor when there are U.S. models, if we use them for both offense and defense," she said, adding: "We can get an advanced look."
This is "first-hand visibility into advances in AI with major implications for security, so we are less likely to be caught by surprise by an adversary’s AI advances, what the national security community refers to as ‘strategic surprise,’" she said.
That's the red-team dividend enjoyed by the U.S.: the country that builds the dangerous model gets the first painful inventory of its own weaknesses.
The dividend looks ugly because the findings are embarrassing. But it is supremely valuable because every confirmed flaw fixed in American infrastructure becomes an opportunity denied to hostile services.
Anthropic’s Project Glasswing—which took a defense-first approach to privately use Mythos to detect flaws in critical software so they could be patched—shows the logic in practice.
The project gives defenders early access to Claude Mythos Preview and brings together a range of launch partners, among them Amazon Web Services, Apple, Google, JPMorgan Chase, Microsoft, and NVIDIA.
The Mythos Preview surfaced valid vulnerabilities in open-source code and was on track, at then-current post-triage true-positive rates, to identify nearly 3,900 high- or critical-severity vulnerabilities in open-source projects alone.
Anthropic also said Mythos Preview found a 27-year-old vulnerability in OpenBSD, an operating system with a reputation for hardened security.
Not everyone is convinced. The security writer Bruce Schneier dismissed Glasswing as "a PR play," noting researchers had reproduced some of Mythos's findings with cheaper, public models.
But that skepticism doesn't refute the thesis. It cuts against the apocalypse, not the strategy. If the threat is being oversold, the case for panic gets weaker. Moreover, an oversold threat is still an argument for moving first, not for freezing.
And the offensive benefits are clear too.
Neuberger said that models trained and hosted domestically are "subject to our laws and security (e.g. we have less concerns about back doors being inserted during training)," and: "We can leverage them faster, including for classified missions, and finally, it gives up real leverage in setting global standards on safety."
'Not in Weeks, But Hours’
Senator Mark Warner, the Virginia Democrat and vice chair of the Senate Intelligence Committee, made the American fears plain.
Warner told The Economist that General Joshua Rudd, head of the NSA and U.S. Cyber Command, had said to him Mythos "broke into almost all of our classified systems, not in weeks, but in hours."
It was later clarified that the episode should be understood as a red-team exercise—a simulation of a cybersecurity attack—where teams typically began with some kind of initial access to the air-gapped classified network they were testing.
Mythos was used alongside other tools under particular conditions.
That distinction shows Mythos did not stroll into America’s secrets from a cold start. It was used in an authorized test of U.S. defenses, by U.S. teams, against U.S. systems, in conditions designed to find failure before an adversary does.
The exercise sounds terrifying because good red-team work is supposed to.
Public technical evidence points in the same direction.
The U.K. AI Security Institute said Claude Mythos Preview became the first model it tested to complete a 32-step corporate network attack simulation end to end, finishing three of 10 attempts and averaging 22 of 32 steps.
The same evaluation said the simulation had no active defenders and no defensive tooling, so the results did not prove Mythos could beat a well-defended network.
That caveat changes the policy lesson. The model’s power is real enough to force urgent adoption. But it is bounded enough to make defeatism look lazy.
China's Chase
Neuberger is too careful to turn the American edge into triumphalism.
She drew a line between the frontier and the broader market, where cheaper models can spread quickly even when they are less capable.
"Free models that are good enough and bring real capability will see a lot of adoption," she said. "In that case, the Chinese are doing quite well."
Her concern about Chinese open models is both technical and political.
"When I look at Chinese open-source models, I do have concerns about both the security and political propaganda aspects, she said, noting: "The risk of back doors inserted during training and lack of transparency on what data the models are trained on, and the answers one gets from these models are different on politically sensitive topics for China."
The U.S. is ahead, but China is "not far behind," writes Michael Horowitz of the Council on Foreign Relations, who notes that DeepSeek's latest model trails the American frontier by roughly three to six months, against an estimated seven-month overall lead.
But Horowitz argues the capability gap is the wrong thing to watch.
The contest that decides who turns AI into power, he writes, is the adoption race. And there China is formidable, pushing open models that are large, cheap and built for mass deployment at a fraction of the American price.
That is Neuberger's point with a price tag attached. The American frontier edge is real, but it sits atop a market the Chinese are flooding.
And the edge leaks. Anthropic has accused DeepSeek of distilling its Claude models through some 24,000 fraudulent accounts, extracting American capability rather than building it. DeepSeek denies misusing the data.
Owning the best tool counts for less if your rival can quietly copy its homework.
The optimistic claim is therefore narrower and stronger than America wins AI.
At the frontier, where coding, intelligence work and military applications live, U.S. models appear to hold an advantage, and Neuberger said they may give "the U.S. military and intelligence community an edge if they're adopted and deployed."
The "if" there says it all. A lead unused is a lead wasted.
Private Advantage
Democracies often field offensive tools faster than defensive systems, and Neuberger identified that lag as the danger inside the opportunity.
"Typically, and frankly, innovations have been adopted on offense and sometimes lag on defense, particularly in democracies," she said.
In cyber, she added, the U.S. government deliberately keeps its distance from private networks because "we don't want government monitoring private networks, in contrast to authoritarian governments like China and Iran that heavily monitor domestic networks."
The American model of limited government becomes a practical constraint because critical infrastructure is mostly in private hands.
"Our critical infrastructure is privately owned, so as a result, we only recently began requiring minimum cybersecurity for critical networks and we do not have government hackers defending even critical networks, like water or power," Neuberger said.
"The cost of that is now sharper in AI because it makes it harder for us to ensure that the private sector is deploying AI rapidly for cyber defense."
The ownership knot tightens around the private companies building the models.
Neuberger called this "the first truly advanced technology that has real impact in intelligence and warfare that's built and deployed by the private sector."
"On the one hand, the fact that the American innovation ecosystem has produced excellent models is a source of strength," she told Newsweek.
"The fact that it's in private sector hands means that U.S. government policy is grappling with an issue that is more complex.
"This is really something where we want American models to be broadly deployed around the world. We want the world to run on American tech—because we want the world to benefit from models they can trust that reflect our democratic values."
Anthropic’s caution about Mythos should be taken seriously.
It said the government directive suspending access to its latest models cited national security authorities but did not give specific details, and the company said it believed the concern involved a method for bypassing Fable 5 safeguards.
The company also said it had red-teamed Fable with the U.S. government, the U.K. AI Security Institute, private third parties and internal teams for thousands of hours, and that no tester had found a universal jailbreak.
The answer is disciplined use: classified testing channels, procurement leverage, model-security requirements, fast vulnerability disclosure, clear audit rules, and firm legal limits on domestic surveillance.
Fear can justify controls, but cannot justify surrendering the initiative.
The Clock Is Ticking
One major objection to all this is that America's head start may not last.
The same U.K. AI Security Institute that flagged Mythos has since found that OpenAI's GPT-5.5 matched it on the identical 32-step attack range—a second frontier model, from a different lab, clearing the same bar weeks later.
Anthropic itself expects company. Within six to 12 months, the firm has warned, rival labs will field Mythos-class models, some, potentially, with no safeguards at all.
And not everyone agrees that the asymmetry favors Washington in the first place.
One analysis for Harvard's Russia Matters runs the argument backward: that Russia stands to be the relative winner of AI-cyber proliferation, because its ready-made ecosystem of deniable criminal proxies and state-linked hackers is built to weaponize exactly this kind of capability jump.
The policy world sees the split. As AI policy strategist Joseph Hoefer puts it in Tech Policy Press, one camp sees only incremental risk—whatever Mythos does, rivals will soon do too—while the other warns you cannot un-export a capability once it has spread.
Both are right about the timeline. Neither is an argument for standing still.
A lead measured in months is still a lead—but only for whoever spends it.
The Door Needs a Lock
The Five Eyes warning is right about the clock.
AI is already lowering barriers for malicious actors, shrinking the window between vulnerability discovery and exploitation, and giving defenders tools to find vulnerabilities earlier, improve software quality, monitor unusual behavior and respond faster.
The agencies’ bluntest sentence should be read as strategy rather than scolding: "Adversaries are already using AI to move faster and more effectively. Defenders must do the same."
Mythos is a warning. It is also an instrument.
If a frontier model can chain together weaknesses inside U.S. red-team environments, it can plausibly help find them in adversary systems built under secrecy, sanctions pressure, corruption, and weaker private-sector accountability.
When America owns the leading tools, it has a chance to harden first and hunt faster.
Neuberger reached for an older dual-use contest to explain the shape of this one.
In submarine warfare, she said, every advance in American stealth also sharpened the work of monitoring the stealth of its adversary, "a constant back and forth, a constant game."
AI cyber power will be played the same way. Offense and defense will ratchet against each other. The advantage will go to the country that iterates fastest.
The danger is real, but the panic? That's optional.
America may have built something its rivals cannot yet match, tested it against the hardest target it owns, and found cracks before hostile services could exploit them.
The risk is the very American habit of sprinting on offense and dawdling on defense—of training the world’s finest burglar and forgetting to lock its own door.
In a polarized era, the center is dismissed as bland. At Newsweek, ours is different: The Courageous Center—it's not "both sides," it's sharp, challenging and alive with ideas. We follow facts, not factions. If that sounds like the kind of journalism you want to see thrive, we need you.
No comments:
Post a Comment