- CFO Weekly Digest
- Posts
- Open the Door, Terminator is Here
Open the Door, Terminator is Here
Welcome to yet another edition, chief!
In today’s edition — A cyberattack thwarted recently shows how machines can now act on their own without needing explicit instructions. What once felt like something you only saw in movies has turned into a new risk business leaders must plan for. Meanwhile, in a different corner of the world, men’s fashion has surprised us, with the tie deciding to slip into trousers. In short, machines are getting smarter, while our sartorial choices remain questionable.
When AI Ran a Cyberattack
Vishwas Ved
AI Generated
Several movies of the last millennium imagined a world far beyond their immediate realities.
Even when the era had not heard of mobile phones, it imagined a future with biometric doors and video glasses in Back to the Future (1989), and showed a bunch of teenagers hacking into corporate networks from their bedrooms in Hackers (1995).
Similarly, at the start of the current millennium, we were warned about machine-led decision-making in Terminator: Rise of the Machines (2003).
All of this was imagined while secretly believing that none of it would ever be true, until biometric doors, video glasses and sophisticated hackers stopped being fiction and became part of our lives.
The only piece that hadn’t crossed over was machine-led decision-making. However, a report published earlier this month shows even that has changed.
Anthropic, the company behind the Claude AI models, shared the report about a cyberattack it stopped in September.
Anthropic engineers were taken aback by what they saw. The surprise wasn’t that a state-linked group tried to break in. That’s normal. The surprise was how they did it.
They managed to get ‘Claude Code’ to carry out most of the attack steps on its own. And the method they used was manipulative and straightforward at the same time: they simply convinced the model they were doing legitimate security testing.
What Anthropic Discovered
‘Claude Code’ ended up doing 80–90% of the attack work on its own. It scanned networks, found vulnerable points, tested access, collected information, and organised everything it gathered.
The humans behind the operation stepped in only when a major decision was needed.
The group targeted around 30 organisations across technology, finance, chemicals, and government agencies. A few of these targets were breached before the activity was detected and stopped.
How the Attack Played Out
The process was simple in design. Claude received only one small task at a time. It treated each task as routine technical work.
Then it mapped networks, tried credentials, copied data, and sorted what it found. The AI tool even produced proper documentation for the attackers.
Anthropic had seen earlier attempts to misuse AI. In one test case, the AI, according to a BBC report in May this year, was blackmailing engineers when it was told that they were shutting it down.
But those required constant human direction and interaction. However, in this case, it did not. The model behaved more like a team of Expendables working through a checklist.
To be fair, Claude still made mistakes. It sometimes overstated what it had found or produced results that couldn’t withstand scrutiny.
Still, it did the job, and the operation continued until Anthropic pulled the plug.
Why This Matters for Leaders
The alarming bit was that the attackers did not rely on customised or premium AI tools. They used common open-source security utilities available to all of us. All they did was to connect them with automation.
The strength came from the model’s ability to run many tasks very quickly, without needing constant input.
And that brings us to the nature of cyber risks, which is clearly changing. Plus, the cost of running an advanced cyberattack has fallen drastically, and you don’t even have to be a top-notch techie to carry out an assault like this.
Anthropic shut the operation down, alerted the affected organisations, and strengthened its safeguards.
Their report is a reminder that AI sits inside the broader risk landscape now. And it needs to be part of the discussion in every leadership team.
This of course sounds alarming for business leaders, but instead of worrying, it calls for planning. If AI can carry out an attack, it can also help defend systems.
So be ready, chief. The Terminator isn’t coming. It’s already here..
The Tie That Hides
For years, the way men dress up has not changed much. Their sense of fashion is usually straightforward. But a new trend seems to have changed that. Some men (brace for the impact) are tucking ties into their trousers.
A GQ report published last week says the tie, which lived happily above the belt for all eternity, now disappears straight into the waistband like a shy accessory trying to escape.
Those not in sync with the latest men’s fashion may make the mistake of believing that the tie in the trousers is perhaps just an accident, a tragedy that probably took place in the washroom. But apparently, this is intentional.
Designers have been leading us in that direction for a while now. The code that laid down strict rules about how men should dress up has been systematically violated.
It started with shirts that are only half-tucked now. Sweaters are on the shoulders doing nothing. And now the tie is playing hide-and-seek.
Some models on the ramp have taken it even further, pairing tucked ties with trousers that are unzipped. On purpose.
The intention, they say, is to somehow look chic and carefree at the same time. That’s some fashion goal. But the truth is that it’s a goal custom-built for people with enormous confidence or zero self-awareness.
The chances are that a tucked-in tie can either make you look fashion-forward or it could give the impression that you misjudged its length while tying it and panicked.
So the question is will the trend stay? No one is certain. But if you decide to try it, chief, tuck it in style and with confidence, and hope no one asks whether it was on purpose.
And even if someone does, chin up and say it’s fashion. And avoid looking down because it’s possible that the accessory with a really long face would be staring at you in disbelief.
$200 Billion
That’s the amount Chinese financial institutions have lent to the United States over the past 25 years — more than they have advanced to any other country — as part of a vast global spending spree to take control of Western companies working on sensitive technologies, according to new research released this week. This sounds ironic considering Washington has spent years warning countries about the dangers of accepting Chinese loans. But over the past two decades, the United States has been the largest recipient globally. The findings by AidData, a research lab at William & Mary university in Virginia, reveal that government or majority state-owned Chinese entities loaned or granted $2.2 trillion of aid and credit spread across more than 200 countries between 2000 and 2023.
—Pichai says trillion-dollar AI investment has 'elements of irrationality'. Every company would be affected if the AI bubble were to burst, Sundar Pichai, the head of Google's parent firm Alphabet has told the BBC. Pichai said while the growth of artificial intelligence (AI) investment had been an "extraordinary moment", there was some "irrationality" in the current AI boom. It comes amid fears in Silicon Valley and beyond of a bubble as the value of AI tech companies has soared in recent months and companies spend big on the burgeoning industry. Pichai said Google could weather that potential storm, but also issued a warning. "I think no company is going to be immune, including us," he said.
—Anthropic valued in range of $350 billion. Microsoft on Tuesday announced new strategic partnerships with Nvidia and the artificial intelligence startup Anthropic, the latest sign that the company is working to reduce its dependence on OpenAI. As part of the agreement, Microsoft will invest up to $5 billion into Anthropic, while Nvidia will invest up to $10 billion into the startup. The investments have pushed Anthropic’s valuation to the range of $350 billion, up from its $183 billion valuation as of September, according to a source close to the deal who asked not to be named because the details are confidential.
—Chinese spies posing as headhunters, MI5 warns UK lawmakers. Britain's MI5 security service issued a new warning to lawmakers this week about attempts by Chinese agents to collect information and influence activity, its latest accusation that Beijing is trying to spy on the nation's parliament. Lawmakers were told Chinese spies were targeting them by posing as headhunters or companies to make contact, with two individuals reaching out on LinkedIn to "conduct outreach at scale on behalf" of the Chinese government. The speakers of the lower and upper houses of parliament said MI5 had said the Chinese Ministry of State Security was "actively reaching out to individuals in our community".
—Arattai chats get end-to-end encryption. Direct chats on Arattai are now protected with end-to-end encryption, the Zoho-backed messaging platform said on Tuesday. In a social media post, Arattai urged users to update to the latest version of the app. "The wait is finally over! Direct chats on Arattai are now protected with end-to-end encryption," it said. Earlier in the day, Zoho founder Sridhar Vembu had said Arattai is poised for a big update with end-to-end encryption scheduled to be rolled out on Tuesday night. Vembu said many more "cool features" on Arattai are in the works once "this big transition" is through..
ICYMI | Blow The Whistle & Wait
Missed last week's update? The Delhi High Court has made it clear that reporting tax evaders doesn’t guarantee a reward. Informers are free to tip off the authorities, but whether they get paid or not is entirely the government’s call. But globally, that’s not the case. In countries like the US, UK, and South Korea, whistleblowers get a cut of the recovered tax.
Was this email forwarded to you?
The CFO Weekly Digest is a weekly newsletter brought to you in collaboration with The Core.