The US government shut down Anthropic’s most powerful AI models on June 12, citing national security concerns about their hacking capabilities. But a growing chorus of cybersecurity experts argues that the crackdown misses the point: AI models with advanced offensive capabilities are inevitable, and piecemeal export controls on individual models will not stop them.
The argument, laid out most forcefully in a Wired analysis by Lily Hay Newman, draws on expert voices from both inside and outside Anthropic. Their consensus is uncomfortable. The question is not whether dangerous capabilities will emerge. It is whether governments are prepared for what happens when they do.
On the evening of June 12, Commerce Secretary Howard Lutnick sent a letter to Anthropic CEO Dario Amodei. The directive, issued under export control authorities by the Bureau of Industry and Security (BIS), prohibited any foreign national from accessing two models: Claude Fable 5 and Claude Mythos 5.
This was an unprecedented move. Previous US export controls on AI targeted physical goods: NVIDIA chips, semiconductor equipment, model weights stored on servers. This directive treated a live API service as a controlled export. An input box on a webpage became, in the government’s interpretation, a national security capability crossing borders.
Because Anthropic cannot verify the nationality of every API caller in real time, the company disabled both models for all users worldwide, including US citizens, on June 13. Other models, including Claude Opus 4.8, Sonnet 4.6, and Haiku, remain available.
The inevitability thesis
The Wired article’s central claim is that the government’s action obscures a much harder truth. As Bruce Schneier, the security technologist and Harvard fellow, put it: “It’s not one model; it’s the general trend of technology. Smaller, cheaper, open-source models can match Mythos and Fable’s performance with more sophisticated prompting. We should expect other models to match Mythos and Fable’s creativity and tenaciousness within months.”
Logan Graham, who leads Anthropic’s frontier red team, agreed. “The real message is that this is not about the model or Anthropic,” he told Wired. “We need to prepare now for a world where these capabilities are broadly available in six, 12, 24 months.”
Tarah Wheeler, chief security officer of TPO Group, put the point more bluntly. “It’s myopic in the extreme to think that no other competitors to Anthropic will develop similar capabilities to Mythos, or even that they have not already done so.”
What Mythos and Fable could do
Claude Mythos 5 was Anthropic’s most capable model, previewed in April 2026 and initially restricted to around 50 vetted organizations through a program called Project Glasswing. Its partners included Amazon, Apple, Google, Microsoft, and CrowdStrike, all using it for defensive cybersecurity work. The results were remarkable. Mythos identified thousands of high-severity vulnerabilities, including flaws in every major operating system and browser it tested. It discovered over 10,000 vulnerabilities in open-source software alone.
Claude Fable 5 was the publicly available version of the same architecture, but with aggressive guardrails. For sensitive topics including cybersecurity and biology, Fable 5 automatically routed queries to the less capable Claude Opus 4.8, and independent classifier systems monitored requests for jailbreak attempts.
The government’s specific concern: a narrow jailbreak technique that asked the model to analyze a codebase and fix flaws. Anthropic countered that this capability is already available from other public models, including OpenAI’s GPT-5.5, and is used routinely by cybersecurity defenders.
The policy problem
The Wired article captures a broader tension. The legal mechanism used (BIS export control authority) requires no new legislation. Any future administration can apply the same framework to any frontier model from any company. There is no statutory process or technical review board. Just a letter from the Commerce Secretary.
Chris Wysopal, cofounder of Veracode, framed the question that the government has not answered. “The policy question is not whether a technology has risk,” he said. “The question is whether a specific restriction meaningfully reduces that risk, or whether it mainly slows down the people trying to make systems safer.”
Anthropic itself, in its official response, warned that if the government’s standard was applied across the industry, “it would essentially halt all new model deployments for all frontier model providers.” The company called for a transparent, statutory process grounded in technical facts, not ad hoc directives.
International consequences
The export control order has already had knock-on effects. Chinese AI company Z.ai announced GLM-5.2 shortly after the ban, explicitly referencing the Fable 5 shutdown as proof that US AI models cannot be relied upon by international customers. The dynamic echoes the 1990s cryptography wars, when US export controls on strong encryption drove development offshore and weakened American companies.
Satya Nadella, Microsoft’s CEO, warned of a different risk. “A frontier without an ecosystem is not stable,” he said.
The big picture
The Wired article’s uncomfortable thesis deserves serious attention. The US government has shown that it can shut down a specific model from a specific company through executive action. But it has not shown that it has a plan for what happens when other companies, or open-source projects, build models with similar capabilities.
As Schneier put it, the gap between the government’s response and the technological reality is not closing. “The capabilities are coming regardless. The only question is whether we prepare for them.”
Sources: Wired (June 16, 2026); Anthropic official statement (June 12, 2026); TechCrunch (June 12, 2026); CyberScoop (June 9, 2026); Winzheng summary of Wired analysis (June 17, 2026)