As AI-based cyber threats such as Claude Mythos become a reality, calls are emerging to elevate the sovereign AI foundation model project into a national security tool. Security use was specified from the start of the project, but it is taking a more concrete shape as the global security environment changes.

The Security Special Committee of the National AI Strategy Committee recently held its first regular meeting. The key agenda was an urgent review of trends related to Anthropic's Claude Mythos. Mythos, currently available in preview only to some companies, is an AI model that autonomously analyses software code to find unpatched zero-day vulnerabilities on its own and even generates exploits, or attack code, that can be used in real attacks. Anthropic on the 7th this month disclosed the model and said it had detected a vulnerability that had existed for 27 years in OpenBSD, a Unix-based operating system known for security, shocking the security industry.

Anthropic says it is not releasing Mythos to the general public and has no plans to do so. However, major countries including the United States, the European Union and China are moving quickly by setting up joint public-private response systems.

The South Korean government is moving similarly. The Ministry of Science and ICT and the Financial Supervisory Service, among others, convened meetings on current issues. The National AI Strategy Committee, a presidential AI strategy body, has also fully activated its security committee. At its first meeting, the security committee reached a consensus on three directions beyond a short-term response. The core is to elevate the sovereign AI foundation model project beyond industrial development into an "enhancing security capabilities project". It also presented items including building an AI-based real-time defence system and strengthening a global security cooperation framework.

Lee Won-tae (이원태), head of the National AI Strategy Committee's Security Special Committee, said, "An era has arrived in which AI, not humans, takes the lead in new hacking," and added, "If we cannot change existing security policies in line with the speed of technological evolution, security will ultimately become an obstacle to a major AI transformation and a leap toward becoming an AI powerhouse."

The sovereign AI foundation model project has emphasised security use from the outset. The Ministry of Science and ICT selected five elite teams last August after written and presentation evaluations. At the time, it announced the areas in which each team would develop or secure an AI foundation model: expanding the AI ecosystem, improving public access to AI, AI transformation (AX) in public, economic and social sectors, and defence and security use.

This also aligns with the view of key advisers at the presidential office. Ha Jung-woo (하정우), the presidential office's senior secretary for AI Future Planning, advised in a book before taking the post, "Foundation models are increasingly being managed as strategic assets at the national level, and access rights are highly likely to be restricted regardless of whether a country is an ally," and "Simply having the ability to use them will not give you a favourable card in negotiations."

The criteria for the second stage assessment have not yet been specified, but there is speculation that security capabilities will be reflected. Kim Kyung-man (김경만), director general for AI policy at the Ministry of Science and ICT, stressed at a briefing in February on additional selections for the project, "A sovereign foundation model is fundamentally about our country developing its own AI, from a sovereign perspective, particularly to secure autonomy in defence and security." A key factor in the second stage assessment is "applicability and diffusion". Diffusion refers to the ability to apply and deploy the developed model across various industries and public sectors. Diffusion in the security field is also highly likely to be reflected in the assessment criteria.

A ministry official explained, "Securing world-class sovereign AI models through the project itself is important from technological, policy and security perspectives," and "Diffusion into specialised fields such as security using the project is also important, and existing evaluations also emphasise diffusion."

The next meeting of the security committee will include security and diplomatic agencies such as the National Intelligence Service, the Ministry of Foreign Affairs and the Financial Services Commission in addition to the Ministry of Science and ICT. However, it is unclear whether they will directly intervene in the project. An official at the National AI Strategy Committee said, "We held the first meeting as Mythos became a global issue in security terms, and we are currently at the stage of identifying trends and discussing response directions," and added, "Inter-ministerial cooperation methods, budgets or changes to the project structure are not yet at the discussion stage."

The second stage assessment will be conducted in August. Currently, 4 teams are participating in the project: LG AI Research, SKT, Upstage and Motif Technologies.