February 26, 2026

Fighting AI Cyberattacks Starts with Knowing They’re Happening

By: Janet Egan and Michelle Nie

This article was originally published in Lawfare.

Anthropic reported in November 2025 that Chinese threat actors used its Claude model to launch widespread cyberattacks on companies and government agencies. More specifically, Chinese actors jailbroke Anthropic’s coding tool, Claude Code, and used it to target 30 companies and government agencies around the world, marking the first known large-scale cyber campaign executed with minimal human involvement. This reported development is certainly unsettling, but far more alarming are future attacks that might go undetected. Anthropic caught this attack only because it happened on its platform where it has internal threat intelligence teams monitoring for abuse. The vast majority of AI-enabled attacks, however, won’t be so visible. To address this issue, artificial intelligence (AI) developers and policymakers must establish the mechanisms to better observe and understand this emerging threat landscape—before it’s too late.

The U.S. government currently has no systematic way to identify whether a cyberattack resulted from novel AI capabilities or more conventional methods.

The advent of AI agents—systems capable of performing tasks autonomously—enhances the capabilities of both cyberattackers and defenders. AI agents can enable faster and more widespread attacks. But these same capabilities can also significantly enhance defenders’ ability to detect intrusions and respond more rapidly. The challenge is that offensive adoption is likely to be faster and less constrained, driven by attackers’ willingness to take risks and accept collateral damage—making incidents like this an early warning rather than an anomaly.

Read the full article in Lawfare.

More from CNAS

View All Reports View All Articles & Multimedia