Exploits don't cause cyberattacks
On thinking clearly about frontier AI advances and cyber conflict
As far as I can tell, here’s the median model of attacker behavior people are using in their Claude Mythos hot takes.
Exponential growth in AI vulnerability discovery capabilities will cause exponential growth in cyberattacks.
Of course, if you say the silent part out loud, sometimes the full statement is:
… and this is why you should buy our product.
Anyways, the problem with this framing is that if it were true, we’d expect the following similar theses to have already been borne out:
Cheap, ubiquitous, Turing Test passing AI chat capabilities will cause a tsunami of social engineering attacks.
Cheap, ubiquitous, Turing Test passing AI voice dialogue capabilities will mean a huge surge in phone-based scams and fraud.
Widely accessible AI deepfake technology will lead to a deluge of misinformation.
While we’ve seen some of that stuff in the wild, we’ve seen way less of it than the more breathless and apocalyptic takes suggested we’d see. It hasn’t been “the sky is falling,” it’s been “oh look, the attackers have a new tool which they sometimes pick to achieve some of their goals.”
And notice that these capabilities are now essentially free, trivially accessible, and require no special sophistication to use, so if the “more capabilities, more attacks” logic were mechanically true, these should have been borne out.
The fact that adoption has been incremental even here makes the case for AI vulnerability research causing a rapid explosion of attacks much harder to sustain, because operationalizing novel exploits against real targets requires significantly more skill and infrastructure than scaling up a criminal phishing business with AI.
Let’s take a breath here for the key point of this essay. Technologies don’t cause attackers to do cyberattacks; rather, attackers do cyberattacks to achieve their desired outcomes in the easiest ways possible in their own social, economic, and political settings.
Seen in this light, most of today’s attacker constituencies can currently achieve most of their desired outcomes using traditional means: simple phishing, credential stuffing, exploitation of known CVEs, etc. These constituencies aren’t likely to explode into hockey-stick adoption of AI vulnerability research tools.
This should discipline our thinking about Mythos generating a discontinuous volume of cyberattacks, because, again, most attacker constituencies just aren’t blocked by vulnerability research for most of their workflows.
None of this is meant to suggest there aren’t reasons to observe, orient, decide, and act around the risks and opportunities Mythos presents, or that we aren’t walking a slow-rising exponential of attacker AI adoption; but we should approach understanding the risk (and addressing it) with actor-centric research questions:
What goals will attackers pursue with frontier models that they couldn’t achieve already?
Which attacker constituencies will be unblocked by Mythos’ vulnerability research capabilities, and how much more would they accomplish?
Remembering that attacker constituencies are people, what are the cultural and organizational barriers to adoption, and how much will those slow things down?
Getting clear on answers to these questions would help us anticipate and posture-harden around the precise nature of coming risk, and help us avoid the pattern our community falls into where we go from one reactive, simplistic, apocalyptic take to the next instead of building the kind of durable analytical foundation that would let us actually get ahead of the threat landscape.


The approach you take is the same approach that we used in government when our job was to be accurate rather than to write things that are share-worthy, help our marketing/advocacy/whatever cause. Thanks for writing this.
It has, though? I mean, we could quibble over "deluge", but the Internet Crime data shows a pretty consistent 20-30% increase in dollar loss to fraud since 2020, with a $4.2bn loss in 2020 increasing to a $20.9bn loss in 2025.
https://www.ic3.gov/AnnualReport/Reports/2025_IC3Report.pdf
(If there's a better data source than this let me know!)
Attackers have organizational friction, but I'm pretty sure it's less than that of defenders.