US orders Anthropic to suspend access to Mythos and Fable models

Three decades of trying to wall off cyber capabilities have repeatedly run into the same problem: the code moves, the talent moves, and the market moves with it. The latest test came when the U.S. government ordered Anthropic to suspend all access to Fable 5 and Mythos 5 by any foreign national, including foreign national employees, and Anthropic said it received the directive at 5:21 p.m. ET and disabled both models for all customers to comply.

Anthropic said the government believed it had identified a method of bypassing, or jailbreaking, Fable 5, but the company described the issue as a narrow technique it had already patched. Anthropic said no tester had found a universal jailbreak for the model and argued that perfect jailbreak resistance is unlikely for any provider. The company also said it had spent thousands of hours red-teaming Fable 5 with the U.S. government, the UK AISI, private third parties and internal teams before launch.

The dispute is being read as the first real test of whether Washington can use export controls on frontier AI the way it once tried, with mixed results, to contain encryption and spyware. Before the ban, Mythos had reportedly been limited to about 150 vetted companies and government organizations, and Anthropic had marketed it as a tool for defenders to secure software and services before attackers could match those capabilities.

That logic echoes the early encryption fights of the 1990s. U.S. policy then centered on export restrictions and the NSA’s Clipper chip, announced in 1993, which was designed to encrypt phone calls while also creating a key accessible to the government. The chip became the Escrowed Encryption Standard in 1994 and was gone by 1996 after civil-liberties backlash, technical flaws and weak adoption. Phil Zimmermann’s Pretty Good Privacy, published free on the Internet in 1991, turned into a direct challenge to export controls and led to a three-year criminal investigation. After the case was dropped in early 1996, William J. Clinton signed Executive Order 13026 on November 15, 1996, loosening the rules.

Spyware controls have followed a similar pattern. The Wassenaar Arrangement added controls in 2013 on intrusion software and related surveillance tools, and the U.S. Commerce Department blacklisted NSO Group and Candiru in 2021 over spyware sales used to target journalists, officials and others. Yet spyware keeps spreading. SIPRI said in 2025 that export controls and sanctions are important but complex, and that their success depends on better design and coordination. The question now is whether the same strategy can work on AI systems, or whether the policy fight is repeating a history that never fully stopped the technology it was meant to contain.