Key Takeaways
- Anthropic is extending its secretive Project Glasswing to India, granting vetted Indian government bodies, research institutes and IT‑services firms access to the unreleased AI model Claude Mythos Preview.
- Mythos is touted as capable of pinpointing critical software vulnerabilities, potentially shifting the offence‑defence balance in cybersecurity.
- Access remains tightly controlled because Anthropic fears misuse; Indian agencies such as CERT‑In, NCIIPC, I4C and the DoT’s DIP have already been cleared.
- The Indian government, led by Finance Minister Nirmala Sitharaman and IT Minister Ashwini Vaishnaw, has convened high‑level meetings to assess risks to the banking sector and ordered pre‑emptive defensive steps.
- While Anthropic is helping the U.S. NSA deploy Mythos for offensive cyber operations, it simultaneously battles the U.S. Department of Defense over allegations of enabling mass‑surveillance and lethal‑drone AI, a dispute that has led to a lawsuit and a “supply‑chain risk” label from the Pentagon.
- Anthropic’s recent IPO filing values the company at over $1 trillion, underscoring the high stakes surrounding its AI technologies.
Overview of Project Glasswing Expansion to India
Anthropic announced that it is widening Project Glasswing beyond its original U.S. and UK participants to more than 15 countries, with India among the first new recipients. The programme provides qualifying organisations with early access to Claude Mythos Preview, an unreleased frontier AI model designed to uncover deep‑lying software flaws. By extending the initiative, Anthropic aims to bolster global cyber‑defence capabilities while maintaining tight oversight over who can wield the model’s power.
Indian Government Agencies Granted Access
Among the Indian entities cleared to use Mythos are the Indian Cyber Crime Coordination Centre (I4C), the Indian Computer Emergency Response Team (CERT‑In), the National Critical Information Infrastructure Protection Centre (NCIIPC) – which reports to the National Security Advisor in the Prime Minister’s Office – and the Department of Telecommunications’ Digital Intelligence Platform (DIP). These bodies are tasked with protecting national‑level digital assets across banking, telecom, power and other critical sectors.
Research Institutions and IT Services Involvement
Beyond government bodies, Anthropic has also offered Mythos Preview to select cybersecurity‑focused research organisations in India. Discussions are ongoing with several of the country’s largest IT‑services firms to provide dedicated cybersecurity and AI teams access to the model. This broader outreach reflects Anthropic’s strategy of embedding the technology within institutions that maintain widely used codebases, thereby magnifying defensive benefits across supply chains.
Mythos Model’s Vulnerability‑Detection Capability
Anthropic claims that Claude Mythos Preview can identify critical software vulnerabilities at a level that could fundamentally alter the attacker‑defender dynamic. By spotting weaknesses before they are exploited, the model enables organisations to patch systems proactively, reducing the window of opportunity for cyber‑criminals and nation‑state actors alike. The potency of this ability is why Anthropic treats the model as a strategic asset rather than a commodity.
Reasons for Restricted Access and Misuse Concerns
Despite its defensive promise, Anthropic has kept Mythos tightly guarded, citing fears that the model could be repurposed for offensive cyber operations, mass surveillance, or the development of lethal autonomous systems. The company has drawn a “red line” around its Claude models to prohibit U.S. government use for such activities. These safeguards aim to prevent the technology from becoming a tool for destabilisation while still allowing legitimate defensive applications.
NCIIPC and CERT‑In Requests for Critical‑Infrastructure Protection
NCIIPC and CERT‑In specifically requested access to Mythos to scan India’s critical infrastructure—particularly banking, power and telecom networks—for hidden flaws. Officials said the model’s deep code analysis could uncover vulnerabilities that conventional scanners miss, thereby strengthening the resilience of services that underpin the national economy. Their request reflects a growing recognition that AI‑driven scrutiny is essential for safeguarding complex, interconnected systems.
Prior Indian Government Engagement with Anthropic
Before the formal grant of access, The Indian Express reported that senior Indian officials had been in talks with Anthropic’s leadership in the United States to secure Mythos for national‑defence purposes. Those discussions laid the groundwork for the current arrangement, showing that India’s cybersecurity establishment had been actively seeking advanced AI tools to address escalating threat landscapes.
Global Expansion Scope: Over 150 Organisations in 15+ Countries
Anthropic’s blog post accompanying the India announcement noted that the new wave of Project Glasswing partners includes roughly 150 organisations spread across more than 15 nations. Participants span sectors such as power, water, healthcare, communications and hardware, with many being vendors or non‑profits that maintain codebases relied upon by countless downstream users, including governments. This wide‑reach approach aims to multiply the defensive impact of Mythos across global supply chains.
Indian Government’s Risk Assessment and Banking‑Sector Directives
In April, Finance Minister Nirmala Sitharaman convened a high‑level meeting with IT Minister Ashwini Vaishnaw to evaluate the potential risks Mythos poses to India’s banking sector. The meeting concluded with directives for banks to adopt pre‑emptive safeguards, for the Indian Banks’ Association (IBA) to create a coordinated incident‑response mechanism, and for financial institutions to engage top‑tier cybersecurity professionals and specialist agencies to continuously enhance defensive monitoring.
Measures Directed: Defensive Mechanisms, U.S. Offensive Use, Legal Battles and IPO
The government’s guidance includes the establishment of a rapid‑response framework within the IBA and the hiring of specialised cyber‑security talent to monitor for anomalous activity linked to AI‑driven exploits. Meanwhile, the Financial Times reported that Anthropic is assisting the U.S. National Security Agency in deploying Mythos for offensive cyber operations, embedding engineers inside the NSA—a development that clashes with Anthropic’s own red‑line stance and has prompted the Pentagon to label the firm a “supply‑chain risk.” Anthropic has sued over that designation. Amid these tensions, the company filed for an initial public offering in the United States, seeking a valuation exceeding $1 trillion, a move that underscores the immense market confidence—and controversy—surrounding its AI technologies.