BusinessCantillon

Irish banks left with work to do on cyber security amid Mythos threat

Report shows financial institutions in Ireland among the most vulnerable in Europe to hackers

Cantillon's picture
Cantillon
Tue Apr 28 2026 - 06:002 MIN READ
Anthropic's Mythos is believed to be highly efficient at finding bugs in computer code that could open the door to mass hacking. Photograph: Gabby Jones/Bloomberg
Anthropic's Mythos is believed to be highly efficient at finding bugs in computer code that could open the door to mass hacking. Photograph: Gabby Jones/Bloomberg

Unless you’ve been living under a rock, by now you’ll have heard about Anthropic’s new AI model, Mythos, and the apparent risks it brings to the global financial system and tech world in general.

Mythos is supposedly so powerful that Anthropic is not making it generally available, instead providing it to only a few dozen companies.

It is, according to reports, scarily efficient at finding bugs in computer code that could open the door to mass hacking on an even greater scale than is already the case.

The Economist reported that Mythos had identified bugs in software widely used in financial services that had been undiscovered for nearly 30 years.

READ MORE

Lower growth but no recession says Bank of Ireland, and RTE’s new radio jingles

Central banks struggle to navigate open-ended price shock

Irish investment fund returns ‘seem very small to me when taking account of market risks’

How to Invest ... your questions answered

There are now widespread expectations that consumers and businesses are about to receive a slew of software updates to close gaps that Mythos has discovered.

Given this new environment, one hopes companies that manage and guard our data – and other important things – are on the ball when it comes to cyber security.

A new report from consultancy Security Scorecard is not overly reassuring in this regard. It assessed company security using “factors such as network security, malware infections, endpoint security, patching cadence, application security and DNS health".

According to their survey of the top 100 financial institutions in Europe, Ireland (along with Italy and Switzerland) have the biggest proportion of so-called C-rated financial institutions, which makes them about five times more likely to suffer a cyber security breach than a company that is A-rated.

Still, the report makes clear that regardless of rating, companies need to get their ducks in a row when it comes to defending their IT systems.

“While only 7 per cent experienced direct breaches, nearly all were affected indirectly – 96 per cent through third-party and 97 per cent through fourth-party relationships,” it said.

In truth, it will be almost impossible for any bank to cover all bases, no matter how much it spends. As Security Scorecard itself says: “The real danger isn’t always the front door – it’s who’s holding the spare keys.”

Clearly the banks have plenty of work to do on cyber security, but no amount of work will make their systems foolproof.

  • From maternity leave to remote working: Submit your work-related questions here

  • Listen to Inside Business podcast for a look at business and economics from an Irish perspective

  • Sign up to the Business Today newsletter for the latest new and commentary in your inbox

Business Today

Business Today

Get the latest business news and commentary from our expert business team in your inbox every weekday morning