Risky Business #815 — Anthropic's AI APT Report is a Big Deal
Podcast: Risky Business | Host: Patrick Gray | Co-host: Adam Boileau | Date: November 19, 2025

Episode Overview

In this episode, Patrick Gray and Adam Boileau dissect the week’s biggest cybersecurity headlines, with a central focus on Anthropic’s unprecedented AI-enabled APT report. They examine the report’s details, debate industry criticisms, and contextualize the significance of LLM-driven automation in APT campaigns. Additional topics include critical vulnerabilities in security gear (Cisco, Citrix, Fortinet), massive-scale scams and legal actions, WhatsApp user enumeration, and the financial (and human) impact of cybercrime. The episode wraps with an engaging interview with MasterCard’s Arooj Bernie on the unification of fraud and cyber teams in the finance sector.

Main Segment: Anthropic’s AI-Powered APT Campaign

What Did Anthropic Report?

• Anthropic detected a Chinese threat actor leveraging their Claude LLM to orchestrate cyber attacks at scale. The attacker built a framework to automate reconnaissance, exploitation, and post-compromise activity, using Claude as a core component ([01:06]).
• 30 companies targeted; in some, the campaign succeeded. Attacks included credential harvesting, SQL injection, and server-side request forgery. LLM orchestration allowed rapid, semi-automated operations with human-in-the-loop approval ([01:06]).

Key Points & Insights

The Criticism and Debate

• Transparency Critique: Some industry figures, e.g., Kevin Beaumont, argue the report lacks detail and showcases nothing novel technically.
  • “Anthropic's report lacks transparency.” — (quoting Kevin Beaumont via Cyberscoop article, [02:25]).
• Patrick and Adam’s Pushback: The crux is not technical novelty but scale and operational impact.
  • “Operational sophistication beats technical sophistication every time.” — Patrick Gray ([04:02]).
  • “I don’t see anyone criticizing an elite pen tester because they use existing tools. Are they only supposed to use novel tools?” — Patrick Gray ([07:10]).

Why This Matters

• AI enables lower-skill operators to wield higher-level capabilities, multiplying the effectiveness of a small top-tier team ([04:02], [05:29]).
  • “Imagine you take your hundred best people from an intelligence org... and just task them with using AI tools... you're going to get just insane bang for buck... This is huge.” — Patrick Gray ([04:02]).
• Early stages: LLMs still hallucinate, exaggerate findings, and make mistakes—comparable to the enthusiasm and error rate of a junior pen tester ([05:29]).
• The engineering challenge was not just using Claude, but building the orchestrating framework, integrating with tools, and managing LLM shortfalls ([09:17]).

Guardrails, Details, and Detection Challenges

• The attackers broke tasks into small steps to evade LLM guardrails, highlighting detection difficulties ([10:06]).
  • “One of the things the attackers did here is that they broke everything up into tiny steps to kind of avoid those guardrails, right?” — Patrick Gray ([10:06]).
• Anthropic limited report details to avoid providing a blueprint and because they lack reliable detection or response to these attack patterns ([10:06]).

The Big Takeaway

• This is a pivotal shift—not because of shiny new techniques, but because AI allows for game-changing scale in cyber operations. Ignoring this trend is at organizational peril ([11:28]).
  • “Scale is important. Scale is a very big deal. Scale is game changing... this is the future of operations and it's really just going to mean that those top people, those most talented people get scale.” — Patrick Gray ([11:28]).

Rapid-Fire News

Notable Security Incidents

• Cisco, Citrix, and Fortinet Zero-Days ([13:20])

  • Amazon uncovered sophisticated in-memory Java post-exploitation payloads in campaign targeting Cisco Identity Services Engine. Well-crafted, competent malware.
  • Fortinet sees its 21st product vulnerability added to the CISA Known Exploited Vulnerability (KEV) list. Multiple exploited-in-the-wild bugs. “Having a Fortinet on the edge of your network is the strongest correlation to getting owned...” — Adam Boileau ([16:52]).

• CISA Staffing Snafu ([17:00])

  • After firing swathes of staff, CISA is already planning a hiring spree amid 40% vacancy. Consensus: It’s organizational self-sabotage ([18:51]).

Crime at (Massive) Scale

• Google vs. Lighthouse Phishing Platform ([19:15])

  • Google is suing 25 (mostly unnamed) operators running Lighthouse, a phishing-as-a-service operation responsible for up to $1B in fraud, hundreds of thousands of scam sites, and possibly over 100 million victims. Lawsuit is recognition that “law enforcement hasn't done anything.” ([20:22], [21:19]).

• WhatsApp Account Enumeration ([21:19])

  • Researchers easily enumerated 3.5 billion WhatsApp accounts, including profile details, highlighting the challenge of using phone numbers as public identifiers and the limitations of rate limiting ([22:37]).
  • Amusing anecdote: Patrick’s wife lost access to her WhatsApp when a Brazilian phone number was reassigned, leading to cross-continental negotiations with the new number owner ([24:32]).

• Starlink Devices in Myanmar Scam Compounds ([25:33])

  • DOJ’s workaround: Using seizure orders to force Starlink (SpaceX) to disable terminals used by scam networks. “Any tool that kind of helps hamper these scam compounds is great...” — Adam Boileau ([28:05]).

North Korean IT Worker Scams ([28:36])

• U.S. citizens—including an active-duty Army soldier—plead guilty to enabling North Korean IT worker identity fraud. Sometimes even undergoing drug tests on behalf of North Koreans; most earned a paltry sum for significant legal risk ([29:45], [30:31]).
  • “You're selling yourself scapegoat as a service, that's what you’re providing here.” — Adam Boileau ([30:33]).

Cybercrime Financial Impact

• Jaguar Land Rover Ransomware Fallout ([31:48])

  • $900M USD loss from attack; $640M lost profit and $250M recovery costs. Scale that “should motivate senior policymakers to take this as seriously as cancer.” ([32:37]).

• Akira Ransomware Gang: FBI reports $250M in ransomware profits, typically hitting small/medium business and schools ([33:10]).

• Operation Endgame: Europol takedowns of infrastructure supporting info-stealers, RATs, and botnets (“just in time crime pipeline”) — good policing at scale ([34:28]).

• Sophisticated Bitcoin Scam (Feature story): Old-school confidence/job scam with in-person meetings, caviar, and social engineering bilks hardware vendor out of $200K in BTC ([35:33]).

Sponsor Interview: MasterCard's Arooj Bernie — Unifying Fraud and Cyber Teams

Why Were Fraud and Cyber Teams Traditionally Separate?

• Historically, cyber teams focused on technology/systems security, while fraud teams protected customers and transactions. Different priorities and success metrics ([39:02]).
• Now, payment risk is more digital/cyber enabled—so risk must be approached holistically.

What's Driving Unification?

• Increasing convergence as fraud is often a result of preceding cyber activity (e.g., digital skimming breaches fuel subsequent fraud) ([41:42]).
• Communication gaps: Fraud teams often react after-the-fact because threat intelligence is not shared from cyber teams ([42:44]).

The Solution: Democratize Threat Intelligence

• MasterCard Threat Intelligence (from the Recorded Future acquisition) aims to translate technical threat intel so fraud teams can act sooner, moving from reactive to “predictive” response ([43:09]).
  • “The biggest piece that perhaps is missing today is the governance model and operating structure that these teams now need to follow... you have to have that taxonomy, the common language.” — Arooj Bernie ([45:38])

Organizational Models

• Two trends: Sometimes teams are unified under a single department; more often, they're co-located, with improved collaboration (e.g., “fusion centers”). Both models observed globally, governance key ([45:38]).

MasterCard’s Broader Vision

• Using threat intelligence to not only protect the enterprise, but also decline fraudulent transactions before they happen, protecting consumers and reducing fraud loss ([46:50]).

Memorable Quotes

• “Operational sophistication beats technical sophistication every time.” — Patrick Gray ([04:02])
• “Imagine you take your hundred best people from an intelligence Org for example and just task them with using AI tools... you're going to get just insane bang for buck. And I think that's really what the message is here and it is significant. This is huge.” — Patrick Gray ([04:02])
• “Having a Fortinet on the edge of your network is the strongest correlation to getting owned that you can have. What are you doing?” — Adam Boileau ([16:52])
• “You’re selling yourself scapegoat as a service.” — Adam Boileau ([30:33])
• “The scale is game changing... this is the future of operations and it's really just going to mean that those top people... get scale.” — Patrick Gray ([11:28])

Timestamps for Key Segments

• [01:06] – Anthropic APT/AI report details
• [02:25] – Industry criticism and transparency debate
• [04:02] – Significance of operational scale vs. technical novelty
• [09:17] – Engineering framework behind AI-powered attacks
• [13:20] – Cisco/Citrix/Fortinet zero-days and post-exploitation malware
• [17:00] – CISA layoffs and hiring spree
• [19:15] – Google’s lawsuit against Lighthouse phishing
• [21:19] – WhatsApp account enumeration at scale
• [25:33] – Starlink terminals used by scam compounds and law enforcement tactics
• [28:36] – North Korean IT worker identity scam
• [31:48] – Jaguar Land Rover ransomware financials
• [33:10] – Akira ransomware and SME/education targeting
• [35:33] – High-touch bitcoin confidence scam
• [39:02] – MasterCard interview: Why fraud and cyber teams traditionally separate
• [41:42] – MasterCard: Drivers, models, and democratizing threat intelligence

Reading List

• Derek B. Johnson, Cyberscoop (Anthropic report coverage)
• Matt Burgess, Wired (Google/Lighthouse scam)
• Andy Greenberg, Wired (WhatsApp enumeration)
• Alexander Martin, For The Record (Jaguar/Land Rover ransomware, Akira)
• Joel Khalisi, Wired (Bitcoin confidence scam feature)

Summary Tone: Thoughtful, often irreverent, and pragmatically focused on what really matters in operational information security — not technical stunts, but game-changing shifts in scale, impact, and real-world coordination.