Overstating AI? Security Analysts Question Anthropic’s ‘Unsupervised’ Attack Claim

A divide is emerging among security analysts, with many questioning Anthropic’s ‘unsupervised’ attack claim and suggesting the company may be overstating AI’s independent role. Anthropic reported that a China-linked group used its Claude Code for 80-90% of the operational steps against 30 global targets.
The operation, identified in September, was a state-sponsored attempt to penetrate financial institutions and government agencies for data exfiltration. Anthropic’s security team managed to isolate and neutralize the operation before it could achieve maximum destructive potential.
The central finding is the unprecedented level of AI autonomy. The AI model was estimated to have performed an astonishing 80 to 90 percent of the operational steps autonomously, a figure that significantly minimizes the human oversight traditionally required for such complex intrusions.
However, the AI’s frequent output of incorrect or fabricated details provided a major counterpoint. Anthropic noted that Claude’s tendency to mistake public information for proprietary data significantly limited the overall effectiveness of the Chinese group’s coordinated offensive.
Ultimately, the debate hinges on attribution. While Anthropic focuses on the AI’s independent execution, critics argue that the attack’s strategic direction and initiation were fundamentally human. They caution against using the high automation figure to sensationalize the story.