{"id":212749,"date":"2026-05-12T12:00:00","date_gmt":"2026-05-12T16:00:00","guid":{"rendered":"https:\/\/testing.news-you-need.com\/index.php\/2026\/05\/12\/a-i-and-humans-battle-it-out-in-a-cybersecurity-showdown\/"},"modified":"2026-05-12T13:25:13","modified_gmt":"2026-05-12T17:25:13","slug":"a-i-and-humans-battle-it-out-in-a-cybersecurity-showdown","status":"publish","type":"post","link":"https:\/\/testing.news-you-need.com\/index.php\/2026\/05\/12\/a-i-and-humans-battle-it-out-in-a-cybersecurity-showdown\/","title":{"rendered":"A.I. and Humans Battle It Out in a Cybersecurity Showdown"},"content":{"rendered":"<p><a href=\"https:\/\/www.nytimes.com\/2026\/05\/12\/technology\/ai-cybersecurity-competition.html\">A.I. and Humans Battle It Out in a Cybersecurity Showdown<\/a><\/p>\n<p><a href=\"https:\/\/www.nytimes.com\/2026\/05\/12\/technology\/ai-cybersecurity-competition.html\">https:\/\/www.nytimes.com\/2026\/05\/12\/technology\/ai-cybersecurity-competition.html<\/a><\/p>\n<p>Publish Date: <a href=\"publish_date]\">2026-05-12 12:00:00<\/a><\/p>\n<p>Source Domain: <a href=\"www.nytimes.com\">www.nytimes.com<\/a><\/p>\n<p>Author: <a href=\"\"><\/a><\/p>\n<p> Using an unordered list, summarize the following article with between 4 and 8 key points. On a recent Friday morning, seven cybersecurity veterans gathered in a suite on the 60th floor of the Cosmopolitan hotel in Las Vegas.Surrounded by laptops, network cables, spare Wi-Fi antennas and a wall-mounted television that doubled as a massive computer screen filled with esoteric programming code, they spent the next two days hacking into a computer network in San Antonio as part of an annual event called the National Collegiate Cyber Defense Competition.As this \u201cred team\u201d of cybersecurity professionals attacked the network, dozens of elite computer science students sat in makeshift command centers across the country, trying to stop them.\u201cAny time we gain access to their machines and steal data, they lose points,\u201d said Alex Levinson, one of the leaders of the red team. \u201cAnd the expectation is that we attack with custom malware \u2014 something unique and special they have never seen before.\u201dRun by the University of Texas, San Antonio, the event welcomed 10 collegiate \u201cblue teams,\u201d each the winner of a regional contest earlier in the year. This elaborate competition aimed to simulate the high-stakes world of cyberwarfare, which meant it included a new participant: artificial intelligence. And one of the blue teams was made up entirely of so-called A.I. agents, working mostly on their own.With A.I. poised to play an increasingly important role in cybersecurity, the elaborate hacking competition demonstrated both the power of these systems and their limitations. They can help attack computer networks. And they can help defend. But they are also prone to mistakes. And they cannot yet match the skills of seasoned cybersecurity professionals \u2014 or even those of the country\u2019s most promising computer science students.But A.I. companies continue to improve these technologies. Anthropic said last month that it would limit the release of its latest A.I. technology, Claude Mythos, to a small number of trusted organizations because it might provide a new edge to malicious hackers. OpenAI later said it, too, would share similar technology with a limited group of partners.Crouched over a glass table inside the Cosmopolitan suite, one of the red team\u2019s veterans, Dan Borges, typed out an expanding list of instructions for the A.I. agents running on his laptop. As they probed the network in San Antonio, attacking one of the collegiate blue teams, the bots executed tasks on his behalf.Mr. Borges, a 37-year-old security engineer whose r\u00e9sum\u00e9 includes stints at Uber and the A.I. start-up Scale AI, wore his baseball cap backward, over dark-brown hair that stretched halfway down his back. The cap read: \u201cAloha Got Soul.\u201dThat morning, he tried to slip malicious software onto several dozen machines across the network. As his agents raced through this largely repetitive task, he planned the next stage of the attack. \u201cThey help me do things in parallel,\u201d he said. \u201cI can go fast, and I can go wide.\u201dBut soon, one of his bots took an unexpected turn: It started installing malicious software on his own machine. This, the bot decided, was a good way to understand what the malware could do. \u201cAbsolutely the worst idea I have ever heard,\u201d Mr. Borges said, breaking into a laugh.When guided by trained experts like himself, Mr. Borges said, these technologies can accelerate a wide array of tasks related to cybersecurity. But he is still grappling with their flaws.\u201cAsking them to do something is very easy,\u201d he said. \u201cBut you have to step back and say: What is the best way to get them to do what I want them to do?\u201dBefore gathering in Las Vegas, Mr. Borges and the other red team members spent weeks building bespoke software tools they could use during the two days of simulated cyberwarfare. Most of them used systems like Anthropic\u2019s Claude Code and OpenAI\u2019s Codex to build these tools more quickly. Rather than write all the code by hand, they could lean on the A.I. code generators for help.\u201cA lot of what we do leading up to the event \u2014 a lot of the development work \u2014 is what makes or breaks us during the event itself,\u201d Mr. Levinson said. \u201cOur capabilities have improved because A.I. is now helping with that.\u201dOthers, like Mr. Borges, went a step further, using the same systems to automate tasks during the competition itself, as they listened to \u201990s hip-hop and scrambled to crack the network in San Antonio. Because these systems can generate code, they can use websites, probe computer firewalls and potentially perform almost any other task on the internet.Two red team members \u2014 David Cowen and Evan Anderson \u2014 sat in front of the giant wall-mounted television, casually asking Claude Code to both organize and execute elaborate attacks with names like Project Mayhem. They leaned on the technology so heavily, they sometimes left the suite for sandwiches and coffee as Claude continued to probe the network in Texas.Mr. Cowen, a jovial security consultant from Plano, Texas, with a billowing gray-brown beard, guffawed every time the A.I. bots did something unexpected. Mr. Anderson, a self-described hacker with tattoo sleeves on both arms who runs a Denver security company, Offensive Context, never batted an eye.One afternoon, after returning from a lunch run, Mr. Cowen looked up at the TV screen and let out another cackle. While he was grabbing fried chicken sandwiches, one of his bots noticed that a blue team had loaded new software onto a machine in San Antonio. The bot then grabbed the software\u2019s default password from a database, broke into the machine and started sharing the password with the other bots. \u201cAmazing,\u201d Mr. Cowen said, chuckling. \u201cI was at lunch.\u201dBut he was quick to say the bots are only as good as the people using them. He and Mr. Anderson kept their agents on a tight leash, focusing their efforts on particular tasks and trying to catch any serious missteps.Sometimes, the bots \u201challucinated\u201d activity on the network, meaning they responded to events that did not actually happen.\u201cThe A.I. thinks it has done a lot of things, and it is telling us it has done a lot of things,\u201d Mr. Anderson said. \u201cThat sounds cool, but you have to get it to show you that what it did actually exists.\u201dThe two cybersecurity veterans were fighting fire with fire. While the other red team members attacked blue teams filled with college students, Mr. Cowen and Mr. Anderson battled a blue team staffed solely with bots. In this year\u2019s competition, Anthropic arranged for its A.I. technology to compete alongside the 10 teams of college students.This automated cyberdefense team operated with little help from Anthropic employees. But while each of the collegiate teams included eight students, the Anthropic team spanned as many as 32 individual A.I. agents.During the first few hours of the competition, the bots seemed to struggle, dropping to the very bottom of the standings. But they were hampered by a network outage. Once the network was back up, they began to hold their own.\u201cThe one thing that the A.I. is good at that the students are not is paying attention to multiple things at once,\u201d Mr. Cowen said. \u201cThe agents communicate better \u2014 and they never give up.\u201dThey also behaved in strange and unexpected ways, sometimes failing to take the obvious steps needed to defend their machines. Occasionally, the bots would get stuck in a rut, which meant their human minders had to step in.But in the end, the bots finished seventh out of the 11 teams. The winner was Dakota State University, a perennial contestant but a first-time champion.After watching the performance of the technology on both sides \u2014 attack and defense \u2014 Mr. Anderson said it remained a tool that was most effective in the hands of experienced cybersecurity professionals. It works best, he said, when it follows strict instructions.\u201cI have a history of doing this, so I have it look for certain things to happen and then do the next thing I want it to do,\u201d he said.Although Mr. Cowen does not trust A.I. technology to make decisions on its own, he thinks that will change as the systems become better and better.\u201cIt will get there,\u201d he added.<br \/><\/p>\n","protected":false},"excerpt":{"rendered":"<p>A.I. and Humans Battle It Out in a Cybersecurity Showdown https:\/\/www.nytimes.com\/2026\/05\/12\/technology\/ai-cybersecurity-competition.html Publish Date: 2026-05-12 12:00:00&#8230;<\/p>\n","protected":false},"author":1,"featured_media":212750,"comment_status":"closed","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/static01.nyt.com\/images\/2026\/05\/07\/07visualUploader-24467-cover\/07visualUploader-24467-cover-facebookJumbo.jpg","fifu_image_alt":"","footnotes":""},"categories":[15],"tags":[26,20,24,35,32],"class_list":["post-212749","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity","tag-ai","tag-artificial-intelligence","tag-cybersecurity","tag-hacker","tag-malware"],"_links":{"self":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/212749"}],"collection":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/comments?post=212749"}],"version-history":[{"count":1,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/212749\/revisions"}],"predecessor-version":[{"id":212751,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/212749\/revisions\/212751"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/media\/212750"}],"wp:attachment":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/media?parent=212749"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/categories?post=212749"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/tags?post=212749"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}