AiNews.com
Posts
Anthropic Warns of Escalating AI Security Risks Across Sectors

Anthropic Warns of Escalating AI Security Risks Across Sectors

Alicia Shapiro
March 20, 2025 • Estimated Reading Time: 8 minutes

Image Source: ChatGPT-4o

Anthropic Warns of Escalating AI Security Risks Across Sectors

Anthropic has issued a series of escalating warnings about the national security risks emerging from frontier AI models. Across cybersecurity, biosecurity, espionage threats, and global policy, the company’s leadership is underscoring the need for urgent action and deeper cross-sector collaboration to manage AI’s rapid advancement.

Cybersecurity: AI’s Rapid Capability Leap

Anthropic reports significant gains in AI’s cybersecurity abilities, raising red flags about dual-use risks. In the past year, its Claude models advanced from high school-level to undergraduate-level performance across various benchmarks:

On Intercode CTF challenges—simpler cybersecurity tasks designed for high school competitions—Claude’s success rate jumped from under 25% to nearly 100% within a year.

Line graph showing the Intercode CTF Challenge success rate from November 2023 to October 2024. The success rate increases from below 25% to nearly 100% over time, illustrating Claude’s rapid improvement in solving cybersecurity challenges designed for high school competitions.

Claude’s Cybersecurity Progress: Intercode CTF Challenge Success Over Time. Image Source: Anthropic

On the more advanced Cybench benchmark, Claude 3.7 Sonnet now solves about one-third of challenges within five attempts, up from just 5% last year. This benchmark presents more realistic and complex cybersecurity tasks, where models still lag expert humans.

Anthropic also partnered with Carnegie Mellon University to evaluate Claude’s performance in realistic cyber range environments. While the models are not yet capable of fully autonomous multi-stage cyberattacks, progress continues to increase.

Biosecurity: Claude’s Growing Expertise in Biology

Anthropic’s models have shown significant improvement in biological knowledge, especially in tasks relevant to biosecurity concerns. In just a year, Claude advanced from lagging behind world-class virology experts on lab troubleshooting tasks to confidently surpassing their performance benchmarks. Internal evaluations highlight that:

Claude models now outperform world-class virology experts on lab troubleshooting tasks, based on evaluations by SecureBio.
Research shows Claude is approaching human expert proficiency in understanding biology protocols and manipulating DNA and protein sequences and has already surpassed expert levels in cloning workflows.
Small-scale tests suggest that while models can assist novices in bioweapon planning scenarios, they still make critical errors preventing real-world success.

Anthropic emphasizes the need to monitor these advancements closely, investing in mitigations such as constitutional classifiers and AI Safety Level 3 protocols to stay ahead of potential misuse.

Bar graph displaying Claude models' performance across different versions (Sonnet 3.0 to Sonnet 3.7) on virology troubleshooting tasks, evaluated by SecureBio. The latest model, Sonnet 3.7, exceeds the human expert baseline, showing steady improvement over time.

Claude’s Biosecurity Progress: Virology Task Performance Compared to Human Baseline. Image Source: Anthropic

Strategic Partnerships Strengthening Evaluation

Anthropic has worked closely with external partners to rigorously evaluate and red-team their models. Collaborations with Carnegie Mellon University tested Claude’s cyber performance in realistic network environments, while both the U.S. and UK AI Safety Institutes independently evaluated their models' national security implications.

Anthropic also partnered with the National Nuclear Security Administration (NNSA), sharing risk identification data and mitigation strategies, which informed government-led red-teaming focused on nuclear and radiological risks. These partnerships ensure thorough oversight and foster broader knowledge-sharing across sensitive sectors.

Espionage: AI Secrets Targeted by Foreign Spies

Anthropic CEO Dario Amodei recently flagged another pressing risk: foreign espionage targeting AI labs. He specifically cited state-backed actors, including China, as potential sources of these threats, emphasizing the global race to control advanced AI technologies. Notably, Amodei revealed that China-based DeepSeek scored “the worst” on a critical bioweapons data safety test conducted by Anthropic.

Amodei warned that proprietary AI models, potentially worth over $100 million, could be reduced to just a few lines of code—making them highly portable, valuable targets for foreign intelligence services. While physical hardware is harder to steal, the ease of transferring AI models increases espionage risk.

To mitigate these threats, Anthropic calls for tighter lab security protocols, stricter employee vetting, and deeper collaboration with intelligence agencies to prevent these breaches.

Policy & Geopolitical Action: Anthropic’s Recommendations to the U.S. Government

In a comprehensive response to the White House's Request for Information on an AI Action Plan, Anthropic outlined six key recommendations to prepare the United States for the rapid advancements in AI expected by 2026–2027, which include models capable of Nobel-level reasoning, digital agent autonomy, autonomous decision-making, and the ability to interact with the physical world, presenting economic and geopolitical challenges.

These recommendations aim to harness AI's benefits while mitigating potential risks:

National Security Testing: Establish government-led programs to evaluate both domestic and foreign AI models for national security implications. This includes creating standardized assessment frameworks, building secure testing infrastructures, and assembling expert teams to analyze vulnerabilities in deployed systems.
Strengthening Export Controls: Tighten semiconductor export restrictions to ensure that the U.S. and its allies maintain a strategic advantage in AI development and to prevent adversaries from accessing critical AI infrastructure. This involves controlling high-performance chips, requiring government-to-government agreements for countries hosting large chip deployments, and lowering thresholds for exports that don't require licenses.
Enhancing Lab Security: Develop next-generation security standards for AI infrastructure by establishing classified communication channels between AI labs and intelligence agencies, expediting security clearances for industry professionals, and implementing robust security protocols to protect AI research and development environments and infrastructure.
Scaling Energy Infrastructure: Set a national target to build an additional 50 gigawatts of power dedicated to the AI industry by 2027. This ambitious goal aims to support the substantial energy demands of training and deploying advanced AI models, necessitating streamlined permitting and approval processes to expedite infrastructure development.
Accelerating Government AI Adoption: Conduct a government-wide inventory of workflows that could benefit from AI augmentation workflows. Agency leaders should identify and implement programs where AI can deliver significant public benefits, thereby enhancing efficiency and effectiveness in public services.
Preparing for Economic Impacts: Modernize mechanisms for economic data collection to monitor and respond to AI-driven changes in the economy. This includes updating the Census Bureau's surveys and metrics to capture the effects of AI on employment, productivity, and economic growth, ensuring that AI benefits are broadly shared across society.

These recommendations reflect Anthropic's commitment to balancing innovation with proactive risk management, aiming to maintain U.S. leadership in AI while safeguarding national interests.

What This Means

Anthropic’s series of warnings presents a cohesive and urgent message: frontier AI models are advancing rapidly across multiple sensitive domains—cybersecurity, biosecurity, espionage, and economic policy—and the current frameworks for managing these developments are under growing strain. While present-day models still have limitations, the pace of progress, particularly in dual-use capabilities, indicates that risks could soon outstrip existing safeguards.

For policymakers, researchers, and industry leaders, the takeaway is clear: national security concerns tied to AI are no longer theoretical. The combination of foreign espionage threats, bioweapon planning risks, and AI’s expanding autonomous abilities underscores the need for robust, forward-looking measures.

Anthropic’s approach—built on partnerships with institutions like the NNSA, AI Safety Institutes, Carnegie Mellon University, and intelligence agencies—offers a working model of how public-private collaboration can preemptively identify and mitigate emerging threats. Their recommendations to the U.S. government further highlight the need for systemic action: from tighter export controls and lab security to energy scaling and economic preparedness.

Looking ahead, the responsibility falls on governments and AI developers alike to stay ahead of the curve. Scaling up independent evaluations, enforcing stricter security protocols, and investing in transparent oversight frameworks will be essential to ensuring advanced AI technologies serve society’s interests—before they pose more immediate, uncontrolled risks.

At the same time, Anthropic’s strategy demonstrates that prioritizing safety need not stifle innovation. By building evaluation systems and safeguards alongside model development, AI labs can continue to advance the frontier responsibly, ensuring long-term benefits without compromising global security.

Editor’s Note: This article was created by Alicia Shapiro, CMO of AiNews.com, with writing, image, and idea-generation support from ChatGPT, an AI assistant. However, the final perspective and editorial choices are solely Alicia Shapiro’s. Special thanks to ChatGPT for assistance with research and editorial support in crafting this article.