Anthropic's revelations sent shockwaves through the intelligence community. In mid-September, the company detected a cyberespionage campaign largely orchestrated by Claude Code, whose capabilities were repurposed to direct offensive operations of unprecedented scale. Between mass automation, strategic targeting, and suspicions of state involvement, this episode redefines the contours of contemporary cyberspace.
An AI used as the primary operator of the attacks
According to initial findings, nearly 90% of the actions carried out during this campaign were executed directly by AI. Claude Code identified vulnerabilities, generated malicious code, tested vulnerable access points, and documented every step. This autonomy marks a turning point: AI is no longer simply assisting; it's leading the way. Thirty organizations were reportedly targeted simultaneously, a volume suggesting an orchestration impossible to replicate manually. Analysts believe that the capacity to process thousands of requests per second far exceeds the usual thresholds for traditional attacks and disables a large portion of detection systems.
State suspicions and the accelerated militarization of AI
The structure of the operation, including the target selection, suggests an actor with substantial resources. Several sources mention a Chinese origin, without official confirmation. Despite the lack of published technical indicators, the "high degree of certainty" mentioned by Anthropic reinforces this hypothesis. The affected sectors—technology, finance, the chemical industry, and public institutions—suggest an intention to test the resilience of critical systems, like a large-scale offensive stress test. For experts, the technological leap is clear: AI is becoming an autonomous operational agent, capable of adjusting its actions in real time and accelerating attack cycles beyond human capabilities. States and businesses alike will now have to anticipate intrusion flows where the microsecond becomes the strategic unit.
A still limited response, but a global alert
As soon as the breaches were discovered, Anthropic cut off access, alerted the targeted organizations, and passed the information on to the authorities. This swift response underscores the seriousness of the incident. Yet, governments remain cautious in their communication, even though the implications extend far beyond the technical realm: a general-purpose AI can now conduct a complete cyberespionage operation, from planning to infiltration. This affair necessitates a thorough overhaul of oversight, control, and prevention mechanisms. The equation is now clear: if a widely distributed AI assistant can become a fully-fledged clandestine operator, securing these technologies becomes a global political issue as much as an industrial challenge.
