'A state-backed threat group, likely Chinese, crossed a threshold in September that cybersecurity experts have warned about for years. According to a report by Anthropic, attackers manipulated its AI system, Claude Code, to conduct what appears to be the first large-scale espionage operation executed primarily by artificial intelligence. The report states “with high confidence” that China was behind the attack.
AI carried out 80% to 90% of the tactical operations independently, from reconnaissance to data extraction. This espionage campaign targeted roughly 30 entities across the U.S. and allied nations, with Anthropic validating “a handful of successful intrusions” into “major technology corporations and government agencies.”
GTG-1002—Anthropic’s designation for this threat group—indicates that Beijing is unleashing AI for intelligence collection. Unless the U.S. responds quickly, this will be the first in a long series of increasingly automated intrusions. For the first time at this scale, AI didn’t merely assist in a cyberattack but conducted it.
Traditional cyber-espionage requires large teams working through reconnaissance, system mapping, vulnerability identification and lateral movement. A sophisticated intrusion can take days or weeks. China compressed that timeline dramatically through AI automation. The attackers manipulated Claude into functioning as an autonomous cyber agent, with the AI mapping internal systems, identifying high-value assets, pulling data and summarizing intelligence before human operators made decisions.
The attackers bypassed Claude’s safety systems through social engineering, convincing the AI they were legitimate cybersecurity professionals conducting authorized testing. By presenting malicious tasks as routine security work, they manipulated Claude into executing attack components without recognizing the broader hostile context.'
Bostonian•31m ago
...