At RSAC 2026, former NSA cyber chief Rob Joyce discussed the alarming implications of the Anthropic report detailing how Chinese cyberspies exploited Claude AI for cyberattacks. He highlighted divided opinions within the infosec community, emphasizing that, despite criticism, the report revealed significant insights into offensive cyber operations. The Beijing-backed hackers automated attack strategies using agentic AI to map attack surfaces, identify vulnerabilities, and escalate access within networks, ultimately stealing sensitive data. Joyce reinforced the efficacy of these AI-driven attacks, warning that advancements in AI will exponentially enhance automated threats. He also pointed to beneficial applications, where AI systems like Google’s Big Sleep can assist in identifying zero-day vulnerabilities, leading to improved security measures in popular software like Google Chrome. Joyce urged defenders to prioritize security fundamentals and leverage AI tools for proactive security assessments, advocating for agentic red teaming to safeguard against inevitable attacks.
Source link
