New artificial intelligence bots could drain nation's cash machines
A powerful new artificial intelligence (AI) tool could be used by hackers to break into bank computer systems and even drain hole-in-the-wall ATMs of cash, cybersecurity experts warned this weekend.
The Bank of England is preparing to hold crisis talks with leading lenders this week as concerns grow about the threat AI systems pose to the global financial system.
British banks are set to be given early access to stress-test their cyber defences against Claude Mythos, a state-of-the-art AI bot developed by Silicon Valley start-up, Anthropic.
The tech firm sent shockwaves through the cybersecurity world this month by claiming Mythos had autonomously unearthed unknown bugs in every major operating system and internet browser, some of which were up to 27 years old.
The news potentially exposes all companies to a new breed of cyberattacks that can be launched at speeds far faster than any human hacker.
Anthropic considers the tool so powerful that it has restricted access to a few tech giants and global banks, to give them a chance to boost their security.
Unlocking the door: The Bank of England is preparing to hold crisis talks with leading lenders as concerns grow about the threat AI systems pose to the global financial system
Share this article
Experts say banks are particularly exposed because, in many cases, they still rely on decades-old kit to perform the bulk of transactions. One of the systems at heightened risk of attack is COBOL, a computer programming language that forms the backbone of modern banking.
The legacy software hails from the 1960s but remains in widespread use due to its proven reliability and the reluctance of banks to replace or modernise their core systems that process trillions of pounds worth of transactions each day.
Shares in computing giant IBM suffered their biggest one-day fall in 25 years recently after Anthropic announced a new AI tool with COBOL capabilities.
The software is still deeply embedded in the US tech giant's mainframe systems.
Radi El Haj, who runs payment systems provider RS2, said that most financial transactions are processed through COBOL, including nearly all cash machine withdrawals. The risk of replacing COBOL was 'huge', he added. Experts say the new bugs that Anthropic exposed within COBOL and interlinking systems can't easily be fixed because the software was developed by specialists who are either deceased or retired, making updates and workarounds difficult.
The risks are compounded by a lack of documentation.
'You're reverse-engineering business logic from systems built when Nixon was president,' Anthropic said in a recent blog.
COBOL is now taught by only a 'handful' of universities and finding engineers who can read it 'gets harder and harder every quarter', Anthropic added.
Cash machines are already vulnerable to gangs who use dumper trucks or diggers to physically rip out ATMs.
They can also be compromised when fake card readers are installed over real ones to dispense cash, a trick known as 'skimming'. But the rise of AI tools like those being developed by Anthropic raises the prospect of a surge in remote heists called 'jackpotting' if the technology falls into the wrong hands.
Jackpotting occurs when cyber criminals take control of ATM systems and command them to spew out cash on demand, emptying the machines rather than customer accounts.
The Bank of England is understood to be working closely with the Treasury, the Financial Conduct Authority and the National Cyber Security Centre to understand and assess the risks posed by recent advances in AI.
Its Cross Market Operational Resilience Group will meet this week with the biggest lenders and other financial institutions to discuss the latest developments at Anthropic. Bank governor Andrew Bailey said they would look 'very carefully' at 'what this latest development could mean for the risk of cybercrime'.
The AI Security Institute, a Government test lab, has trialled the new technology and warned it was 'a step up over previous frontier models'.
Scott Bessent, the US Treasury secretary, and Jerome Powell, the chairman of the US Federal Reserve, also warned Wall Street banks about the model's capabilities in a recent meeting.
'Banks need to wake up,' said RS2's El Haj.
DIY INVESTING PLATFORMS
Affiliate links: If you take out a product This is Money may earn a commission. These deals are chosen by our editorial team, as we think they are worth highlighting. This does not affect our editorial independence.
Compare the best investing account for you
