Singapore on Alert, AI Can Help Hackers Attack Faster
JAKARTA - The Monetary Authority of Singapore or MAS is gathering the bosses of major banks to discuss the cyber threat from advanced artificial intelligence or AI models. The issue is quite serious. AI is now increasingly able to help hackers find gaps and devise attacks faster.
According to a report by The Straits Times quoted on Tuesday, May 5, this was conveyed by Singapore's Senior Minister of State for Digital and Information Development Tan Kiat How in Parliament on May 5.
Tan said the Singapore Cyber Security Commissioner would also send a letter to the heads and boards of directors of critical information infrastructure owners or CII. They are asked to review their respective cyber risks.
The statement came after lawmakers asked about the risks of cutting-edge AI models such as Anthropic's Claude Mythos Preview. The model is reportedly able to find software vulnerabilities and create code to exploit them.
Anthropic, a US company, claims the model has found a loophole in all major browsers and operating systems.
"These attacks are faster, more easily scalable, and much more sophisticated," Tan said, quoted by The Straits Times.
He reminded, the world has not seen an AI agent that is fully autonomous in carrying out an attack from start to finish. However, according to Tan, it's just a matter of time.
Tan emphasized that the problem is not just Mythos. Other models are also moving fast. He said OpenAI's GPT-5.5 has already shown comparable cyber security capabilities. Open source AI models are also expected to achieve similar capabilities in a few months.
AI is also changing the way attacks are carried out. Tan gave an example of the PROMPTFLUX malware that can consult an AI model when attacking and rewrite code directly to evade detection.
"The issue is not a particular model like Mythos," Tan said. "The underlying changes are broader and the risks are real."
Therefore, Singapore does not want cyber affairs to be handled only by an information technology team. Tan asked the highest leadership, including directors and CEOs, to get involved.
The eleven CII sectors in Singapore include aviation, health, land transport, maritime, media, security and emergency services, water, banking and finance, energy, info-communications, and government.
Tan warned that many burglaries started with unmanaged assets. For example, old systems that are still connected to the internet or cloud computing accounts that are out of control.
The company is also asked to patch the gap faster. Because, the distance between the announcement of the vulnerability and the attack is now getting shorter. AI-based tools also need to be used for detection and response.
The Singapore government, said Tan, is working with industry to access the best tools. However, internal capabilities are also being developed so as not to be too dependent on outsiders.
CSA also reviews the standards and obligations of CII owners. The institution has the authority to give directions and enforce measures if necessary.
Tan said talent was key in facing AI-based cyber attacks that could come from anywhere.
"There is no single definition of the type of cyber security talent needed," he said.
According to Tan, Singapore needs experts in detection, red teaming, penetration testing, and people who understand the way attackers think.
"Resilience depends on all parties playing their part. We must act early and decisively, and stay one step ahead of the threat," Tan said.