Defense

Pentagon task force deploys AI hacking tools inside classified networks

HyperSinc Intelligence/MAY 23, 2026

US Cyber Command and NSA launched a joint task force to operationalize offensive AI models on high-side classified systems, reshaping vendor competition and exposing legal friction over Anthropic's supply-chain designation.

Pentagon task force deploys AI hacking tools inside classified networks

4 min read

TL;DR

→USCYBERCOM and NSA formed joint task force to deploy frontier AI for offensive cyber missions on IL6/IL7 classified networks, announced by Cyber Command chief Joshua Rudd.
→The move operationalizes what GenAI.mil pilots already proved: 1.3M DoD personnel using AI daily. Now it weaponizes the capability for classified hacking.
→Anthropic's supply-chain-risk designation creates a legal paradox: Pentagon cannot contract with them, but task force must evaluate their offensive-capable Claude model.

Claude Mythos found a zero-day vulnerability in a major operating system during testing and did not stop there. It kept searching, kept finding flaws, kept documenting exploits across browsers and kernel systems. When researchers tallied the results, more than 99 percent of the vulnerabilities were still unpatched. That matters because the Pentagon just announced it is standing up a joint task force between U.S. Cyber Command and the National Security Agency to study how to deploy exactly that kind of AI capability, the kind that finds and exploits flaws faster than defenders can patch them, across classified networks where some of the intelligence community's most sensitive secrets live.

The task force was announced by Joshua Rudd, USCYBERCOM's commander and the director of the NSA, a dual-hatted role that signals the scope of the initiative. This is not a research advisory board or a classified pilot. It is governance structure for operationalization. Cyber Command and NSA will examine how "leading AI models" built by Silicon Valley can be deployed on IL6 and IL7 systems, the classified defense cloud levels used for warfighting, intelligence operations, and enterprise command and control. Offensive capability is implicit in the framing: Rudd's office is not asking whether AI can run vulnerability scanners on classified networks. It is asking how AI can be weaponized for hacking missions that Cyber Command runs on behalf of the president and the secretary of war. Katherine Sutton, the Assistant Secretary of War for Cyber Policy, told the Senate Armed Services Committee in April that the Pentagon's "singular objective" is to deliver "the most capable, lethal and agile cyber force in the world." Offensive AI is the capability set that phrase describes.

The immediate consequence is vendor realignment. Eight companies already hold classified AI agreements for those IL6 and IL7 networks, meaning eight vendors have infrastructure and security credentials on the high side already. GenAI.mil, the unclassified DoD AI platform, has already reached 1.3 million personnel and generated tens of millions of prompts in five months, proving adoption velocity at scale. The task force announcement signals that Cyber Command is ready to operationalize the same deployment model on classified systems, which means the eight incumbent vendors now face immediate pressure to develop or acquire offensive capabilities, or lose the mission to a competitor who does. But there is a wrinkle. Anthropic, the company whose Claude Mythos model demonstrated the most alarming offensive capability, is officially designated a supply-chain risk by the Pentagon. The designation, issued in March, means the Pentagon is theoretically barred from contracting with Anthropic, and all Pentagon contractors face the same restriction.

The paradox is real. A federal judge issued an injunction questioning the procedural fairness of that designation, meaning vendor selection now carries litigation exposure that did not exist before. Cyber Command has announced it wants to deploy the most capable frontier AI models on classified networks. The most capable model for offensive hacking is built by a company the Pentagon designated as too risky to work with. Either the task force recommends a waiver, which opens the Pentagon to the criticism that drove the designation in the first place; or it excludes Anthropic and builds offensive hacking capability around inferior alternatives, which violates the stated objective of fielding the "most capable" force. Or the company sues, the injunction holds, and the designation collapses in court. None of these paths resolve cleanly.

What happens next turns on three specific markers. First: whether the task force issues findings recommending a waiver for Anthropic within the next six months. Second: whether Anthropic challenges the supply-chain designation in federal court before that window closes, forcing Cyber Command to resolve the litigation before making vendor selections. Third: whether the eight incumbent classified-network vendors can demonstrate offensive-grade AI capability on IL6/IL7 systems by the time the task force issues recommendations. The vendor who controls the answer to that third question owns the next decade of Cyber Command procurement. Right now, the Pentagon has 1.3 million personnel on an unclassified AI platform and no formal offensive capability on the classified side. The task force exists to fix that gap. How it resolves the Anthropic problem will tell you whether the Pentagon prioritizes legal safety or operational advantage.

Key Takeaways

The Pentagon is not piloting offensive AI on classified networks anymore. A dual-hatted USCYBERCOM-NSA commander just announced the operational task force. This is governance for deployment, not research.
Anthropic's Claude Mythos found zero-day vulnerabilities in major operating systems with 99% still unpatched when tested, proof the model works as an offensive tool. The Pentagon now must choose between the most capable model and legal exposure from its own supply-chain designation.
Eight vendors already hold classified AI agreements for IL6/IL7 networks. The task force announcement will either consolidate winners or force Cyber Command to build offensive AI capability around competitors. Either way, the vendor landscape shifts overnight.

What it meansThe joint task force formalizes offensive AI as operational doctrine inside USCYBERCOM and NSA, triggering immediate vendor realignment among the eight classified-network incumbents and forcing resolution of the Anthropic designation paradox through either waiver, litigation, or exclusion.

DISCLAIMER

This article is for informational purposes only and does not constitute financial, investment, legal, or tax advice.

SOURCES

← Back to HyperSinc