Public sector banks are gearing up to significantly raise their IT spending to strengthen systems, protect customer data, and secure financial assets amid growing global concerns over Anthropic’s Claude Mythos AI tool and its implications for financial cybersecurity.
Mythos, equipped with advanced coding capabilities, has demonstrated an unprecedented ability to detect vulnerabilities and potentially exploit them, triggering fears that such technology could be used to disrupt banking networks.
Responding to the emerging threat, Punjab & Sind Bank MD and CEO Swarup Kumar Saha said lenders will have to step up investments in IT infrastructure to make systems more resilient and reduce cyber risks. He confirmed that the bank plans to increase its IT spending in the current financial year to tackle challenges posed by evolving technologies.
Similarly, UCO Bank MD and CEO Ashwani Kumar indicated that the bank’s IT budget will be higher than last year, with a major focus on cybersecurity measures.
The urgency has been reinforced by Nirmala Sitharaman, who recently urged banks to adopt proactive safeguards after Mythos showed it could identify weaknesses in operating systems and potentially launch cyberattacks.
“Banks in India are now entering a phase where IT spending must shift from being a ‘cost of running’ to a ‘cost of surviving’,” said Srinivas L, Joint MD and Joint CEO of 63SATS Cybertech Limited, a subsidiary of 63 moons technologies limited.
Also read: West Asia crisis: Leather, footwear industry seeks duty exemption
He pointed out that the time between disclosure of software vulnerability and its exploitation has shrunk dramatically—from around 19 days in 2023 to less than 72 hours today. Meanwhile, many banks are still relying on patching and response cycles designed for a 2019 threat environment, effectively trying to counter modern cyber threats with outdated systems. He added that simply deploying more tools is not enough to address the evolving risk landscape.
To tackle these concerns, the government has set up a panel under C S Setty, Chairman of State Bank of India, to evaluate risks arising from the Mythos platform and recommend mitigation strategies.
Sitharaman also noted that banks will engage in extensive discussions over the coming weeks to better understand emerging threats and identify areas requiring additional investment.
Regulators are increasingly alarmed by Mythos, viewing it as a serious challenge to the banking sector, particularly given its reliance on legacy systems. Banks and financial institutions are especially vulnerable due to their high level of interconnectedness across payment systems, markets, and clearing networks, all operating in real time.
A single successful cyberattack could quickly cascade across institutions and markets, as banks are deeply linked with domestic and global systems for payments, forex trading, money markets, stock exchanges, depositories, and payment gateways.
Concerns intensified after the pilot launch of Claude Mythos on April 7. During internal testing, Anthropic reported that the model demonstrated exceptional capabilities in cybersecurity and hacking tasks, even outperforming human experts.
“Mythos preview has already found thousands of high-severity vulnerabilities, including some in every major operating system and web browser,” the company said.
Anthropic also provided early access to 12 technology firms under Project Glasswing, an initiative it described as aimed at securing critical global software infrastructure.
Follow us
