Anthropic has turned off access to its latest generation of artificial intelligence (AI) models for all customers following the issuance of an order from the U.S. government directing the company not to allow those models to be accessed by any foreign national, whether inside or outside the United States.
The Trump administration, in the name of national security, is relying on its authority to invoke export controls to compel Anthropic to prevent access to Fable 5 and Mythos 5 AI models by any foreign national. However, because Anthropic is concerned that foreign nationals might find some means to access these models, it has decided to turn them off for all users.
According to Anthropic, U.S. government officials are specifically concerned there is a method for bypassing, or jailbreaking, safeguards that would prevent Fable 5 from being used in identifying software vulnerabilities.
The U.S. government has not shared the details of the method that might be used to bypass Anthropic’s safeguards. Anthropic claims it has instituted strong safeguards and a defense-in-depth cybersecurity strategy that greatly reduces the likelihood that Fable 5 is misused for tasks such as discovering vulnerabilities in software, which it noted have been tested by relevant agencies in both the U.S. and United Kingdom (UK).
However, Anthropic has previously acknowledged every safeguard used in the industry is vulnerable to non-universal jailbreaks that can elicit some cyber information in specific circumstances, and it is likely that universal jailbreaks will eventually be found in the future. The jailbreaks disclosed to Anthropic have either produced entirely benign responses or minor findings that provide no specific uplift to access its latest generation of models.
In general, Anthropic said its goal is to make jailbreaks either narrow in the case of non-universal jailbreaks or very expensive to produce in the case of universal jailbreaks. It is also monitoring interactions to quickly detect and shut down any such attacks, which is why the company now requires customer data to be retained for 30 days.
Concerns about the degree to which the latest generation of AI models could be used by malicious actors not only to detect thousands of zero-day vulnerabilities but also to generate exploits in a matter of hours extend well beyond the latest offerings from Anthropic. Cybersecurity researchers are already using other models to detect vulnerabilities and the expectation is that, as the providers of these models continue to improve reasoning capabilities, they will become increasingly capable of detecting vulnerabilities and generating exploits.
The U.S. government, in the meantime, is squarely focused on Anthropic following that company’s decision to limit the U.S. Department of Defense’s (DOD) access to AI models that would be used to find targets or launch cyberattacks.
Mitch Ashley, vice president and practice lead for software lifecycle engineering at the Futurum Group, said we’ve reached the point where a government directive can pull frontier models from the market at anytime, undercutting the provider’s own deployment decision. Model access is now a governed dependency, and the ceiling on what enterprises can build sits partly outside both the customer and the vendor, he added.
This brings question to the release-to-compete mantra model providers have adopted to stay ahead of competitors, noted Ashley. Organizations that standardized on these models need continuity planning the way they treat any critical supplier: tested fallbacks, portability across providers, and contracts that assume access can be revoked for reasons the customer cannot influence, he added.
While it remains unclear how this latest development in that conflict might be resolved, the one thing that is certain is that inevitably the security of trillions of lines of code that have already been deployed is now fundamentally at risk.
