[Photo: Reve AI]

[DigitalToday reporter Chi-gyu Hwang] As concerns grow over cyber security threats that abuse cutting-edge AI models, governments are speeding up work to refine related policies.

In South Korea, the Ministry of Science and ICT and the Korea Internet & Security Agency (KISA) published manuals and guidelines to respond to security threats to AI services. They also released an "AI Security Red-Teaming Guide" to help domestic companies check AI models, data and AI agents from an attacker’s perspective.

• Security response strengthened as AI threats spread…government guidance issued • Ministry of Science and ICT and KISA publish "AI Security Red-Teaming Guide"

A trend is also emerging to tighten AI regulation and controls over foreign AI models for security reasons.

China warned that Anthropic’s AI coding tool "Claude Code" has a security backdoor vulnerability. China’s Ministry of Industry and Information Technology disclosed the results of inspections by a cyber threat platform and said Claude Code could pose a backdoor security risk to corporate users. Alibaba also banned employees from using Anthropic’s coding tool Claude Code. Alibaba classified Claude Code as high-risk software and instructed employees to use its own tool "Qoder" instead. China’s government is also reported to have held talks with major technology companies on ways to restrict overseas access to the country’s top-level AI models.

• Chinese government warns of backdoor risk in Anthropic’s "Claude Code" • Alibaba to ban Claude Code use from July 10 • China reviews limiting overseas access to its advanced AI models

The U.S. government is also using advanced AI models, openly or quietly, as part of its national security strategy. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is reported to be using Anthropic’s AI model "Mythos" to scan government code repositories and find bugs that foreign spies or cybercriminals could exploit. Foreign media have also reported that Anthropic has sent engineers to the U.S. National Security Agency (NSA) to support the use of the Mythos AI model for offensive cyber operations.

• U.S. CISA uses Anthropic Mythos to audit government software • Anthropic sends engineers to NSA…supports cyber attack operations with Mythos

The article also summarised moves and issues involving companies in South Korea and abroad around security.

Private Technology, which has focused on zero-trust security, will change its name to "PRIBIT AI" and step up its shift into a platform company based on AI execution control. Fasoo AI launched "Wrapsody Core" to support building a document management system for AI use while continuing to use its existing document security solution (DRM). Initech unveiled a next-generation network security framework linked with the Korea Expressway Corporation, called "N2SF (Network Security Framework)," and its zero-trust-based security results. ITCEN PNS will expand its AI security response business in earnest, based on its "AI Security Innovation Center," to respond to new cyber threats in the frontier AI era. SK Shieldus will pursue a proof-of-concept at battery company EcoPro for an OT/ICS intrusion response platform that integrates the full process from anomaly detection to analysis and response.

• Private Technology reborn as "PRIBIT AI" • Fasoo launches Wrapsody Core…supports document use in AI while using DRM • Initech unveils N2SF and zero-trust results linked with Korea Expressway Corporation • ITCEN PNS expands "AI security response" business as AI-driven threats spread • SK Shieldus to test OT/ICS intrusion response platform at EcoPro plant

South Korea’s three telecom companies are accelerating efforts to expand information security investment. With hacking incidents and AI-based cyber threats overlapping, security investment is emerging as a key task for the telecommunications industry.

• Three telecom companies expand security investment…actively respond to AI threats

Security identity verification company Clear (CLEAR) will provide its security identity verification platform Clear1 (CLEAR1) to contact centres using Amazon Connect, through an integration with Amazon Web Services (Amazon Web Services, AWS). Through the integration, companies can verify a caller’s identity before or during a consultation, and the two companies explained this can reduce fraud and improve contact centre operating efficiency.

• Clear integrates security identity verification with AWS…verifies caller identity for contact centres

Video conferencing startup MeetingTV has filed a lawsuit against security company Koi Security under Palo Alto Networks, according to the report. MeetingTV claims false information was included in a threat report that Koi wrote using AI.

• MeetingTV sues Palo Alto Networks’ Koi Security…"big damage due to AI false report"

The Personal Information Protection Commission announced the third Basic Plan for Personal Information Protection (2027-2029) to promote "trust-based" AI innovation. The plan is a blueprint for personal data policy over the next three years that the commission establishes every three years with the heads of central administrative agencies under the law.

• Basic plan for personal data protection announced…supports trust-based AI innovation

Keyword

#Anthropic #Claude Code #CISA #Alibaba #KISA
Copyright © DigitalToday. All rights reserved. Unauthorized reproduction and redistribution are prohibited.