Cybersecurity Looks Like Proof of Work Now
Summary
Anthropic's Mythos, a new large language model, demonstrates "strikingly capable" performance on computer security tasks, leading Anthropic to restrict its public release and grant access only to makers of critical software so they can harden their systems. A third-party evaluation by the AI Security Institute (AISI) largely supports these claims, describing Mythos as "a step up over previous frontier models." In "The Last Ones," a simulated 32-step corporate network attack that humans typically complete in 20 hours, Mythos achieved full network takeover in 3 out of 10 attempts. Each attempt consumed 100 million tokens, costing \$12,500 per Mythos run and \$125,000 for all ten runs. The analysis suggests that security is evolving into a "proof of work" system, in which hardening a system requires spending more tokens finding exploits than attackers spend exploiting them, and in which models show no diminishing returns as token budgets increase.
Key takeaway
Directors of AI/ML evaluating security strategies should recognize that system hardening is becoming a token-intensive "proof of work" challenge. Your security budget must now explicitly account for substantial LLM token expenditure to discover exploits before attackers do. Implement a distinct, budget-limited hardening phase in your development lifecycle. Additionally, contribute to open source software security, as collective token spending enhances its resilience against sophisticated AI-driven threats.
Key insights
Cybersecurity now resembles a proof-of-work system: hardening a system means spending more tokens finding exploits than attackers spend exploiting them.
Principles
- System hardening cost directly correlates with token expenditure.
- Open source security improves with collective token-based auditing.
- Exploit discovery shows no diminishing returns with increased tokens.
Method
A three-phase software development cycle: initial feature development, followed by code review, and finally an autonomous hardening phase to identify exploits.
In practice
- Consider using LLMs to "yoink" simple functionality that would otherwise come from a dependency.
- Integrate a dedicated, budget-limited hardening phase into development.
Topics
- Anthropic Mythos
- LLM Security
- Proof of Work
- AI Security Institute
- Software Supply Chain
- AI Agents
Best for: CTO, VP of Engineering/Data, AI Architect, AI Security Engineer, Software Engineer, Director of AI/ML
Editorial summary, takeaway, and curation by AIssential. Original article published by Drew Breunig.