Banks warned by Australian Prudential Regulation Authority to lift their game on tackling AI risks

Australia’s banks, insurers and super funds have been warned by their regulator they are unprepared for the threat of AI-related fraud.

Stephen Johnson
The Nightly

Australia’s banks have been warned by the Federal Government they need to do a better job of preparing for AI-related fraud, with cyberexperts warning unsophisticated criminal hackers can misuse the likes of Claude to hack into websites and personal information.

The Australian Prudential Regulation Authority said banks, insurers and superannuation fund managers weren’t adequately dealing with “increased cyberthreats from high-capability AI frontier models such as Anthropic Mythos”.

Anthropic’s Claude Mythos product is frightening regulators with its ability to do hacking and cybersecurity crime better than humans, with the latest version from the American tech giant potentially more advanced than OpenAI’s ChatGPT and Google’s Gemini in finding website vulnerabilities.

“APRA found that, while AI is being actively adopted by all the entities we engaged with, there are differing levels of maturity across functions such as governance, risk management and operational resilience,” it said in an industry letter on Thursday.

“In addition, assurance practices are not keeping pace with the scale, speed and complexity of AI.”

Therese McCarthy Hockey, an APRA executive board member, wrote a letter criticising the financial services industry for having outdated information technology to deal with artificial intelligence threats.

“AI threats are increasing, but information security practices are struggling to keep pace,” her letter said.

“The use of AI increases the pathways that cyber attackers can use and lead to more frequent cyber attacks.

“AI can shorten the attack cycle and increase speed, coordination and impact.”

The banking regulator also observed that corporate boards were still “developing the technical literacy required to provide effective challenge on AI-related risks and oversight”.

“The volume and speed of AI assisted software development is placing strain on the effectiveness of change and release management controls,” the APRA letter said.

Cybersecurity expert Alastair MacGibbon, who previously advised former prime minister Malcolm Turnbull, said smaller banks, insurers and super funds were particularly vulnerable to a sophisticated AI model like Claude being misused to hack into websites.

“I suspect that some of the second-tier and third-tier financial institutions are less well prepared,” he told The Nightly.

“I suspect superannuation companies and some of the insurers who don’t feel themselves as exposed to that daily cyberthreat, in the broad, are probably much less prepared.

“The big insurers I suspect are good but again, there’s a big gap. The big banks that I’ve dealt with — I’m going to call it the top five — I think they have been considering this problem for a long time, as well prepared or better prepared than the vast bulk of organisations.”

Strategic Analysis Australia director Michael Shoebridge, who has previously worked for the Australian Signals Directorate and the Defence Intelligence Organisation, said the Chinese government was more likely to use a Chinese AI company to hack into bank accounts than an American platform like Anthropic.

“Personal financial information is gold for an intelligence agency that wants to understand someone and understand their vulnerabilities and their desires so, if you want to blackmail someone and pay someone to betray secrets, knowing all about their finances is really useful,” he said.

While Claude is designed to help companies find vulnerabilities in their information technology, in the wrong hands, an unsophisticated hacker could potentially get into bank websites and steal customer data.

“It also gives the attacker an ungodly amount of capabilities that they didn’t have a few months or years ago,” Queensland University of Technology cybersecurity professor Craig Costello said.

“Zero days is like a word for a very problematic bug or a very problematic hole into a system that, if exploited by the wrong person, could be catastrophic and so the fact that these tools can find them so quickly and the user doesn’t have to know what’s going on, they only have to be told what to do, that creates a really problematic new set of attack vectors.”

The likes of Claude could also be used to create malware to steal passwords and PIN codes, and hack into the back end of websites, which RMIT associate professor of network engineering Mark Gregory said was an “extremely high” threat.

“The benefit of using AI is it can search the entire internet and it can find things the average person won’t find — things like code for malware,” he said.

“That means, essentially, that the day of the password is done.

“There’s a problem with the PIN codes. Even if it appears as an SMS or appears in the Messenger app, malware can get access to that.”

Xu Wang, a senior lecturer in cybersecurity at the University of Technology, Sydney, said AI could be used to generate phishing emails at scale.

“Claude is not the threat on its own. The real issue is that AI is fundamentally lowering the cost and increasing the speed of cyberattacks, while also introducing new types of risk,” Dr Wang said.

Australian Banking Association chief executive Simon Birmingham hit back, arguing banks were investing billions of dollars in combating AI threats.

“Australian banks maintain strong cybersecurity defences, investing billions each year to ensure their systems remain secure and can shield against potential threats,” he said on Thursday.

“Banks also constantly assess their cyberrisk settings and are well positioned to respond to emerging AI technologies.”
