Open Source AI Cybersecurity Risks: The Uncontrolled Power

New open-source AI models are approaching the capabilities of Anthropic’s Mythos-level systems—but without the safety controls. For businesses, this creates unprecedented cybersecurity risks that demand immediate attention.

The Gap Has Closed: How Close Are Open Models?

The difference between frontier closed models and open-source alternatives has narrowed to just 2-3% on benchmark performance. Models like DeepSeek V4, Qwen 3, and Mistral Large 2 now match or exceed GPT-4o and Claude 3.5 Sonnet on coding, reasoning, and multilingual tasks.

More critically, these models run locally on standard hardware. A $4,000 workstation can host capabilities that required cloud access just 18 months ago. The barrier to entry for AI-powered cyberattacks has collapsed.

What Open Models Can Do Without Controls

Anthropic’s Claude includes constitutional AI training, safety classifiers, and usage monitoring. Open models include none of these. Here’s what threat actors can achieve:

1. Automated Vulnerability Discovery

Open models can analyze codebases, identify zero-day vulnerabilities, and generate proof-of-concept exploits. Without safety guardrails, they won’t refuse requests to target specific systems or software.

2. Social Engineering at Scale

Models like Llama 3.1 405B generate convincing phishing emails, voice clones, and deepfake videos. Without output monitoring, these can be generated indefinitely without triggering abuse detection.

3. Malware Generation and Obfuscation

Polymorphic malware—code that rewrites itself to evade detection—can be generated automatically. Open models create custom encryption, novel persistence mechanisms, and anti-analysis techniques on demand.

4. Infrastructure Reconnaissance

Connected to tools like Nmap, Shodan, or Metasploit, open models perform autonomous network mapping, service enumeration, and attack path planning without human intervention.

The Mythos-Level Threat: What Makes This Different

“Mythos-level” AI refers to systems with autonomous agent capabilities—models that can:
• Plan multi-step operations
• Use external tools and APIs
• Persist across sessions
• Adapt tactics based on feedback

These capabilities existed only in closed systems with strict monitoring. Now they run on laptops in untraceable environments.

Specific Risks for Scottish Businesses

For organisations in Central Scotland, the threat profile has shifted dramatically. Traditional security measures are no longer sufficient against AI-powered attacks.

Why Controls Matter: The Anthropic Approach

Anthropic invests heavily in AI safety:

Constitutional AI: Models trained to refuse harmful requests
Output filtering: Real-time scanning for dangerous content
Usage monitoring: Patterns detected and flagged
Capability testing: Red-teaming before release

Open models have zero of these protections. They cannot refuse requests. They cannot be shut down. They cannot be audited.

What Scottish Businesses Should Do Now

Immediate Actions

1. Audit your AI exposure — Identify which employees use AI tools (ChatGPT, Claude, Copilot) and what company data they process. Shadow IT is common—survey your staff directly.

2. Review email security — AI-generated phishing is now indistinguishable from legitimate communications. Implement DMARC, DKIM, and SPF authentication. Test your defences with simulated attacks.

3. Verify identities by alternative means — Voice cloning and deepfake video mean you can no longer trust audio/visual confirmation alone. Establish verification protocols for financial transactions and sensitive requests.

4. Update incident response plans — Add AI-generated attack scenarios to your tabletop exercises. Ensure your team recognises polymorphic malware and autonomous reconnaissance patterns.

Strategic Considerations

1. Establish AI governance frameworks — Document approved tools, prohibited use cases, and data handling rules. Appoint an AI security lead responsible for monitoring developments and policy updates.

2. Rethink your security architecture — Traditional perimeter defence is insufficient when AI can generate novel attacks. Implement zero-trust principles, behavioural analytics, and assume breach mentality.

3. Invest in detection capabilities — Signature-based antivirus struggles with AI-generated malware. Deploy endpoint detection and response (EDR) with behavioural analysis and anomaly detection.

4. Prepare for regulatory compliance — The EU AI Act and UK AI White Paper will impose obligations on AI usage. Document your AI risk assessments, audit trails, and mitigation measures now.

The Reality: This Is Already Happening

Security researchers report a 600% increase in AI-generated phishing attempts since open models became widely available. Nation-state actors are known to be using these tools for cyber operations. The threat is not theoretical—it is active.

The question is not whether your business will face AI-powered attacks. It is whether you will recognise them when they arrive.

How Why Settle Technology Can Help

We help Scottish businesses understand and mitigate emerging AI cybersecurity risks:

AI exposure audits: Comprehensive assessment of your AI tool usage, data leakage risks, and shadow IT discovery
Social engineering simulations: AI-generated phishing campaigns to test your defences
AI security policy development: Governance frameworks tailored to your risk profile
Incident response planning: Playbooks and training for AI-enhanced attacks

Contact us to discuss how these developments affect your security posture.


Why Settle Technology provides IT, network, and cybersecurity services to businesses across Central Scotland. We help organisations stay ahead of emerging threats.

Cost: Security assessments from £1,500. Training programmes from £750 per session.

Timeline: Initial assessment completed within 5 working days.

FAQ

Q: Are open-source AI models actually dangerous?
A: The models themselves are tools—the danger lies in unrestricted access combined with autonomous capabilities. Without safety controls, they enable attacks at unprecedented scale and sophistication.

Q: Can antivirus software detect AI-generated malware?
A: Traditional signature-based detection struggles with polymorphic, AI-generated code. Behavioural analysis and endpoint detection are more effective but require updates.

Q: Should we ban AI tools in our business?
A: Prohibition is rarely practical. Governance, monitoring, and security awareness are more effective than outright bans.

Written by: Why Settle Technology security team

Related Posts