“We’ve had the opportunity to test these models firsthand to see how good they are at finding vulnerabilities and generating exploits — and the short answer is, they are incredibly good at it,” said Lee Klarich, chief product and technology officer at Palo Alto Networks, in a live webcast Thursday.
Palo Alto is one of a dozen security firms testing Anthropic’s Mythos AI model through a preview program known as Project Glasswing. The company is also testing OpenAI’s latest models through a similar Trusted Access for Cyber program. Security and software companies were given early access to the models — which are on the cutting edge of AI development — to better understand their implications as both cyber weapons and defenses.
Although Anthropic and OpenAI have restricted access to their newest models, Klarich expects similar capabilities to become widely available within the next three to five months. “That’s generally how long it takes other models to catch up to whatever Anthropic, OpenAI and Google Gemini are building,” he said. “As these capabilities work their way into Chinese models and open source models, they will become more and more available.”
EXTRAORDINARY CAPABILITIES
Widespread availability will profoundly disrupt IT security.
Technology companies will use the models to address security flaws in existing software and create new products that are much more resistant to attack, he said. At the same time, the models could also gain knowledge that makes them more effective as cyber weapons.
“When you teach a model how to write secure code, you are also — perhaps even without knowing it — teaching a model how to find insecure code, which ultimately means finding and understanding vulnerabilities, which leads to exploits,” Klarich said.
MORE SECURITY PRESSURE
What’s the impact for states and localities? It will likely mean significant new stress for organizations that already struggle to keep up with security threats. Here are some examples of what it could mean:
A deluge of vulnerabilities and patches. Companies will use AI to scour existing software products for vulnerabilities in a race to patch security flaws before attackers can exploit them.
“This means lots, lots, lots more patches will be coming your way,” Klarich said. “As that happens, there will be an increasing number of unpatched systems. Unpatched systems, of course, mean attackers will have more and more opportunities to write exploits.”
Increased supply chain risk. New AI models will trigger a spike in malware attacks delivered through standard software updates, Klarich said. Open source environments could be particularly hard hit, he added.
“The nature of open source means attackers will have access to the source code — and while source code isn’t required for these models to find vulnerabilities, it certainly makes it easier,” Klarich said. “Attackers will be able to roll through the millions of open source packages out there, scan for vulnerabilities and use that information to target organizations for exploitation.”
Faster, automated attacks. New AI tools will be able to largely automate the process of finding a software vulnerability and developing and executing an attack. That means organizations can no longer tolerate response and recovery times measured in days or even hours.
“With these models, we’ll start to measure attacks in minutes from start to finish,” Klarich said.
HOW TO RESPOND
As AI accelerates attacks, Klarich urged agencies to use automation to speed up the deployment of security patches and reduce the time it takes to detect and respond to security incidents.
“Start thinking about how you can reimagine your patching process,” he said. “Everyone I talk to — honestly, like 100 percent — doesn’t have enough automation in their patching process.”
Klarich added that companies like Palo Alto are exploring virtual patching — a technique that would automatically deliver protections for unpatched systems. This could be especially valuable for open source software, where the volume of patches could become overwhelming for organizations to deal with, and for industrial control and Internet of Things systems that are infrequently patched.
The evolving threat environment also heightens the need for security measures like extended detection and response, attack surface management, secure browsers, enhanced identity controls and zero-trust strategies.
“These are the types of technologies you’ll need, and you’ll want to make sure you have them fully deployed in optimal configurations,” Klarich said. “You have to take everything that is manual and turn it into AI and automation — there’s no way around it.”