AISI Finds Claude Mythos Preview Solves 32-Step Cyber-Attack Simulation Autonomously
TL;DR: The UK AI Security Institute has published its evaluation of Anthropic’s Claude Mythos Preview, reporting a 73% success rate on expert-level capture-the-flag tasks and — for the first time across any model it has tested — full completion of its 32-step “The Last Ones” enterprise-network attack range on three of ten attempts. UK regulators, including the Bank of England, are convening a CMorg briefing within the fortnight.
AISI has tracked AI cyber capability since 2023 and has progressively raised the difficulty of its evaluations. Mythos Preview represents “a step up over previous frontier models” in a field that was already improving rapidly, the Institute said.
Context and Background
The capture-the-flag results set the scale. On expert-level challenges — a threshold no model could cross before April 2025 — Mythos Preview succeeds 73% of the time. More significantly, AISI’s “The Last Ones” range spans 32 steps from reconnaissance through full network takeover, a workflow the Institute estimates takes human experts around 20 hours. Mythos Preview is the first model to complete it from start to finish; Claude Opus 4.6, the next-best model tested, averaged 16 of the 32 steps.
AISI flags important caveats. Its ranges lack live defenders, endpoint detection, or real-time incident response, which means the results establish that Mythos can attack weakly-defended systems autonomously — not that it can breach hardened enterprise networks. The evaluation also used a 100 million-token inference-compute budget, and AISI expects performance to scale further beyond that limit. The model also failed AISI’s “Cooling Tower” operational-technology range, though it got stuck on IT-layer sections rather than OT-specific controls.
The UK regulatory response is moving in parallel. The Telegraph reports the Bank of England’s Cross Market Operational Resilience Group (CMorg) — chaired by risk chief Duncan Mackinnon and attended by Treasury, National Cyber Security Centre and FCA officials — will brief UK bank and insurance chief executives on Mythos within two weeks. Goldman Sachs chief executive David Solomon confirmed on Monday that his bank is already working with Anthropic on defences. Anthropic has released a limited version of Mythos to roughly 40 organisations, including JP Morgan, Google and Nvidia.
For UK organisations, AISI’s bottom line is operational: cybersecurity basics — patching discipline, access controls, hardened configuration and comprehensive logging — still matter. AISI explicitly points to the NCSC Cyber Essentials scheme as the baseline framework. What changes is the attacker’s speed and patience profile: multi-step, days-long reconnaissance becomes feasible without a human driving each step.
Looking Forward
AISI says its future work will move to ranges simulating hardened, actively defended environments, and it will track AI-enabled vulnerability discovery and penetration-testing campaigns against real systems. For UK boards and CISOs, the near-term implication is a tabletop exercise refresh: attacker assumptions built around human-paced operations need updating to reflect autonomous multi-step capability.