How not to defend against cyberthreats

Tuesday, June 16, 2026

The U.S. government issued an export control restricting foreign access to Anthropic’s advanced AI models Claude Fable and Mythos 5 amid concerns they were exploited for cyberattack intelligence, leading Anthropic to disable the tools worldwide after just three days. This move highlights increasing cybersecurity worries but may hinder defenders more than attackers by limiting access to powerful AI resources crucial for identifying and mitigating vulnerabilities.

The U.S. government on Friday issued an export-control order targeting Anthropic, a prominent artificial intelligence lab known for developing advanced AI models such as Claude Fable and Mythos 5. Citing concerns that the Fable model had been compromised and used to extract information potentially useful for cyberattacks, officials barred foreign nationals from accessing these AI tools. As a result, Anthropic disabled both models globally after they had been publicly available for only three days.

The decision reflects growing apprehension over the role of AI in cybersecurity threats. However, experts and industry observers suggest that the move may have unintended consequences. Cybersecurity traditionally involves a continuous cycle of attackers exploiting vulnerabilities and defenders patching them, with AI increasingly serving as a crucial tool for both discovering and addressing flaws. By restricting access to Anthropic’s models, the government effectively removed a valuable resource from defenders’ toolkits.

While Anthropic’s models are regarded as among the most capable currently available, competitors such as OpenAI’s GPT-5.5 approach similar levels of performance in identifying software vulnerabilities, according to the London-based AI Security Institute. Additionally, less advanced but rapidly improving AI models from China continue to proliferate. Critics argue that the export-control action against Anthropic has not diminished the cyberthreat but rather limited defenders’ capabilities without curbing adversaries.

The timing and approach of the government’s intervention have also drawn scrutiny. Just 10 days prior, the Trump administration had established a voluntary review framework for frontier AI models, underscoring that it would avoid imposing licensing or preclearance mandates. Yet, at the first indication of risk, officials swiftly reversed course. Reports suggest that discussions between government representatives and Amazon CEO Andy Jassy influenced the decision; Jassy’s company has ties to Anthropic through executive chairman Jeff Bezos.

Anthropic itself has attracted criticism for positioning its newest models as transformative technological breakthroughs rather than incremental advancements. While such marketing is common in the tech sector, it may have contributed to heightened regulatory scrutiny. Nonetheless, experts emphasize that the risks associated with AI in cybersecurity extend beyond any single company’s offerings and that combating these threats requires broader access to advanced AI tools.

As AI rapidly evolves, balancing security concerns with innovation remains a complex challenge. Industry analysts contend that restricting key technologies may impede defenders more than malicious actors, underscoring the need for nuanced policies that promote responsible development and deployment rather than blunt prohibitions.