James Corera, the director of the cyber, technology and security programme at the Australian Strategic Policy Institute, said that although the campaign was not a fully automated attack, it demonstrated how hackers could now hand off large parts of their work to AI systems.
“While the balance is clearly shifting towards greater automation, human orchestration still anchors key elements,” Corera said.
On Friday, Lin Jian, a spokesperson for China’s Foreign Ministry, said he was not familiar with Anthropic’s report, but decried “accusations made without evidence” and said that China opposed hacking.
AI researchers have long warned that the latest artificial intelligence tools could be used in cyber-attacks. But they have also said that the same tools would be beneficial in defending against such attacks.
Throughout the history of cyber security, new tools have typically provided novel forms of both attack and defence.
This is not the first time that makers of advanced AI systems have said attackers had used their technology.
Other United States companies, including Microsoft and OpenAI, have previously reported that state actors have used AI tools to enhance online attacks and surveillance operations.
Earlier this month, as part of its annual report on digital threats, Microsoft said that China, Russia, Iran and North Korea had significantly increased their use of AI to organise cyber-attacks against the US and deceive people online.
In February, OpenAI said it had uncovered evidence that a Chinese security operation had built an AI-powered surveillance tool to gather reports about anti-Chinese posts on social media in Western countries.
(The New York Times has sued OpenAI and Microsoft for copyright infringement of news content related to AI systems. OpenAI and Microsoft have denied those claims.)
In August, Anthropic said its AI technologies were used in sophisticated cyber-attacks and that such technologies had lowered the barriers to such crimes. That month, the company said Chinese hackers had used its AI to target telecommunications providers and government databases in Vietnam.
The Chinese Government has repeatedly criticised accusations that it engaged in or supported hacking.
In September, Anthropic announced that it was updating its terms of service to make it more difficult for people to gain access to its technology in locations where sales were already prohibited. The only country explicitly named as such a location in the announcement was China.
This article originally appeared in The New York Times.
Written by: Meaghan Tobin and Cade Metz
Photograph by: Marissa Leshnov
©2025 THE NEW YORK TIMES
