ANALYSIS: Big Tech Sets AI to Catch AI

The rapid adoption of generative AI in cyber‑crime has moved beyond experimental scripts to large‑scale, automated attacks. The recent compromise of Mexico’s tax authority illustrates how AI can orchestrate complex intrusion chains, using thousands of prompts to bypass defenses in under an hour and exfiltrate millions of personal records. Analysts cite the AI Incident Database, which now logs over 7,000 AI‑enabled hacking events, underscoring a trend where threat actors treat AI as a force multiplier rather than a niche tool.

Simultaneously, AI research labs are confronting the same technology’s offensive potential. Anthropic’s Mythos demonstrated the ability to autonomously discover and exploit vulnerabilities across operating systems and browsers, prompting the firm to withhold public release and repurpose the model for defensive purposes. Project Glasswing, a coalition that includes Microsoft, Amazon, Google, Apple, Cisco, NVIDIA, the Linux Foundation and JPMorgan Chase, aims to transform such capabilities into real‑time threat detection, phishing mitigation and anomaly monitoring. By restricting access to high‑risk models, these companies seek to give defenders a head start before malicious actors can weaponize similar tools.

The broader implication is a reclassification of advanced AI from a software product to critical infrastructure. This paradigm shift drives new governance models, where access controls, partnership vetting and regulatory oversight become essential to prevent an AI arms race. Enterprises must now evaluate AI risk alongside traditional cyber‑security measures, investing in AI‑enabled defenses while monitoring policy developments that could dictate model availability. As AI continues to blur the line between defensive and offensive capabilities, its strategic management will likely shape the next era of digital trust and resilience.