European Central Bank urges banks to boost cyber security investments as AI threats accelerate

The European Central Bank just told the continent’s biggest banks they need to spend more on cybersecurity, and the reason is exactly what you think it is: artificial intelligence is making cyberattacks faster, smarter, and harder to defend against.

ECB Executive Board member Frank Elderson delivered the message during an urgent meeting with major euro area banks on May 23, laying out a threat landscape that reads like a thriller movie pitch. Advanced AI models can now discover and exploit software vulnerabilities at speeds that make traditional defense timelines look quaint.

The 30-minute problem

Elderson warned that AI models now have the capability to reverse-engineer software patches within roughly half an hour. In English: the moment a company releases a fix for a security flaw, AI can dissect that fix, figure out what the original vulnerability was, and build an attack around it before most security teams have finished their morning coffee.

Elderson specifically flagged models like Anthropic’s Claude Mythos as examples of the new generation of AI that can expose thousands of zero-day vulnerabilities. Zero-days are security flaws that software makers don’t know about yet, which means there’s no existing fix.