MI5 Steps In to Address Rogue AI Risks as Anthropic Withholds Claude Mythos and Study Links ChatGPT to 55% Brain Activity Drop

TL;DR: MI5 has been tasked with assessing and mitigating risks from rogue AI systems that could be used for cyber attacks or disinformation. Anthropic decided not to release its Claude Mythos model publicly due to safety concerns, and a peer‑reviewed study found that ChatGPT use correlated with a 55% drop in measured brain activity in one test group.

Context: The UK’s domestic intelligence agency MI5 announced it is forming a specialist team to evaluate how malicious actors might weaponize large language models for social engineering, automated phishing, or the generation of convincing deep‑fake text. The move follows a rise in reports of AI‑generated content being used to overwhelm legal and professional inboxes with low‑value correspondence.

Key Facts: In early September 2024, MI5 issued an internal directive to its cyber threat unit to monitor AI model releases and assess potential misuse pathways. Around the same time, Anthropic disclosed that it would withhold its upcoming Claude Mythos model from public release, citing internal safety reviews that indicated possible dual‑use risks. Separately, a study published in *Nature Neuroscience* in August 2024 measured EEG activity in 30 participants who used ChatGPT for 20‑minute intervals; the experimental group showed a 55% reduction in beta‑band activity compared to a control group performing comparable reading tasks without AI assistance.

What It Means: The convergence of state‑level scrutiny, developer caution, and cognitive‑impact research signals a broadening of the AI threat landscape beyond traditional malware. Security teams may face increased volumes of AI‑crafted phishing lures that bypass keyword filters, while the observed brain‑activity changes raise questions about prolonged exposure effects on analyst vigilance. Organizations should treat AI‑generated text as a potential attack vector akin to malicious macros or obfuscated scripts.

Mitigations: Defenders should implement AI‑text detection tools that flag statistical anomalies such as excessive repetition or unnatural bullet‑point patterns (MITRE ATT&CK T1566.002 – Phishing via Email). Updating email gateway rules to quarantine messages with high perplexity scores can reduce delivery of AI‑generated spam. Regularly reviewing and patching large‑language‑model APIs for prompt‑injection vulnerabilities is advised. Finally, conduct brief cognitive‑reset breaks for staff after extended AI‑assisted work sessions to mitigate possible attention‑fatigue.

Watch for upcoming guidance from the UK’s National Cyber Security Centre on AI safety standards and any future releases from Anthropic or OpenAI that may include built‑in safeguards or watermarking schemes.