Japan Revises AI Basic Plan to Confront Mythos-Class Cyber Threats and Disinformation

Six weeks ago, Japan’s government and its three largest banks held an emergency meeting just to talk about what one unreleased AI model from a US company might do to the country’s financial system. This week, that same model got written directly into Japan’s national AI strategy — by name.

Japan’s AI Strategic Headquarters unveiled a draft revision of the country’s AI Basic Plan on Thursday, the government’s central planning document for artificial intelligence policy. The revised draft places far greater weight on global cooperation with foreign agencies and AI developers, and explicitly names the rapid capability growth of frontier models like Anthropic’s Claude Mythos as a driver of escalating cyberattack and disinformation risk. The government says it will “actively and continuously review” Japan’s AI-related laws to keep pace with what models at that capability level can now do.

It is a notable shift in tone for a government whose AI policy, until now, has been defined almost entirely by a single instinct: move fast, regulate lightly, and try to catch up to the US and China. The new draft does not abandon that instinct, but it adds something that was largely absent from December’s original Basic Plan — an explicit acknowledgment that the same frontier capabilities Japan wants to harness are also a live national security problem.

What Happened

According to Nikkei Asia’s report on the draft policy, the revised Basic Plan commits the government to ongoing legal review specifically calibrated to high-performance models “such as Anthropic’s Claude Mythos” — a direct citation that marks an unusually specific reference for a national strategy document typically written in more general policy language. The draft frames the risk in two connected categories: AI-driven cyberattacks capable of operating at a scale and speed beyond traditional defenses, and increasingly sophisticated AI-generated disinformation.

Alongside the legal-review commitment, the draft expands the global-cooperation pillar of Japan’s existing four-part AI Basic Plan framework, calling for deeper coordination with foreign government agencies and AI developers on risk mitigation — a expansion of Japan’s existing participation in frameworks like the Hiroshima AI Process and the Global Partnership on AI, rather than the creation of an entirely new diplomatic channel.

The Mechanism: Why Mythos Specifically Forced the Issue

Claude Mythos is not a publicly released product, which makes its direct citation in a national strategy document more significant rather than less. Anthropic disclosed the model’s existence in April after deciding its cyber capabilities were too dangerous for general release, and instead launched Project Glasswing, a controlled-access consortium that has since grown to roughly 200 organizations across more than 15 countries, including critical infrastructure operators using the model defensively to find and patch software vulnerabilities at a pace human security teams cannot match.

Japan has direct, first-hand exposure to exactly what Mythos-class capability means rather than relying on secondhand reporting. The Japanese government and the country’s three megabanks were granted access to Claude Mythos Preview in early June specifically to stress-test the nation’s financial system against the kind of vulnerabilities the model can surface. That hands-on exposure appears to be feeding directly into the Basic Plan revision: a government that has spent the past several weeks watching what Mythos can find in its own banking infrastructure has a concrete basis for writing legal-review commitments calibrated to that specific capability level, rather than describing AI risk in the abstract terms most national strategies still use.

The Backstory

Japan’s AI policy machinery is barely a year old. The Diet passed the AI Promotion Act in May 2025, Japan’s first dedicated AI legislation, establishing the Prime Minister-led AI Strategic Headquarters and mandating the creation of a national AI Basic Plan. That plan was adopted by Cabinet on December 23, 2025, built around four basic policies — “Adopt AI,” “Create AI,” “Enhance AI Trustworthiness,” and “Collaborate with AI” — and an explicit national ambition to become “the most AI-friendly nation in the world.” The Act deliberately avoids EU-style fines and binding penalties, relying instead on administrative guidance, voluntary cooperation, and the reputational pressure of being publicly “named” as non-compliant.

That innovation-first posture was a direct response to a competitiveness problem: Japan ranked 12th globally for private AI investment as of the most recent Stanford AI Index data cited in the government’s own policy materials, trailing the US, China, and UK by a wide margin. The original December Basic Plan paired its light-touch regulatory stance with serious capital commitment — a roughly ¥1 trillion, five-year public support package for domestic foundation-model development, and more than ¥10 trillion in broader AI-and-semiconductor infrastructure support through 2030, part of a wider regional pattern of state-backed AI infrastructure investment also visible in South Korea’s own multi-billion-dollar wave of AI infrastructure deals earlier this year. This week’s revision does not walk back any of that industrial ambition; it layers a more explicit security posture on top of it.

The revision also lands amid a broader pattern of countries treating frontier cyber-capable models as matters of national policy rather than purely private-sector products. The Claude Mythos 5 and Fable 5 launch earlier this month brought the same underlying model class to a wider, though still tightly gated, set of Project Glasswing partners, while separate reporting has tracked European Central Bank president Christine Lagarde publicly praising Anthropic’s decision to restrict general access to the model. Japan’s draft revision puts the country’s legal and regulatory posture into that same emerging international conversation about how governments should treat AI capability that crosses a specific, named threshold.

Reactions

The government’s own framing, as relayed in the draft, leans on the phrase “actively and continuously review” — language that signals an ongoing, adaptive process rather than a single legislative fix, consistent with the “agile governance” approach Japanese officials have used to describe their AI strategy since the AI Promotion Act first passed. That framing has been a consistent thread in Japan’s public AI messaging: prioritizing speed and adaptability over the kind of fixed, comprehensive rulebook the EU has pursued.

Outside commentary on the broader Mythos phenomenon has been less measured. The Japan Times’ own commentary desk described the model in stark terms earlier this year, framing its unreleased vulnerability-discovery capability as a turning point where “advanced AI tools may democratize powerful hacking capabilities faster than governments and companies can respond” — the exact dynamic this week’s Basic Plan revision is now writing into formal government policy.

The Dispute: Naming Names in a Soft-Law Framework

Japan’s entire AI regulatory architecture is built on a soft-law premise: administrative guidance and voluntary cooperation instead of EU-style fines. Explicitly naming a specific commercial AI model in a national strategy document sits awkwardly inside that framework. It is one thing for a soft-law regime to describe general categories of risk — cyberattacks, disinformation, algorithmic bias — and quite another to single out one company’s unreleased product as the reference point for how aggressively the law should be rewritten. That specificity raises a question the draft itself does not directly answer: what happens when the next model that matches or exceeds Mythos-level cyber capability comes from a different company, on a different release timeline, with different access controls than Anthropic’s tightly gated Project Glasswing?

There is also a tension between the draft’s two headline priorities. Japan’s underlying strategic goal, stated explicitly in the original December Basic Plan, is to become the world’s most AI-friendly country and close a competitiveness gap with the US and China. A revision that commits to continuous legal review specifically targeting frontier-model risk could, depending on how it is implemented, either reassure international AI developers that Japan has a credible, adaptive risk framework — making it a more attractive market — or signal exactly the kind of regulatory uncertainty that innovation-first policy was designed to avoid in the first place.

What Happens Next

As a draft revision rather than a finalized Cabinet decision, the document will move through Japan’s established consultation process — expert committee review and public comment — before any formal adoption, mirroring the path the original Basic Plan followed last December. The clearest near-term signal to watch is whether the “continuous review” commitment produces concrete legislative proposals on a specific timeline, or remains a standing principle that gets invoked case by case as new frontier models emerge.

Why It Matters

This is among the first instances of a national government writing a specific, named commercial AI model directly into its central AI strategy as the explicit justification for ongoing legal reform — a move other governments grappling with the same Mythos-class capability question are likely to watch closely. Japan’s shift also lands alongside the EU’s own parallel struggle over its AI Act compliance timeline, where regulators are simultaneously trying to tighten oversight of frontier capability and extend deadlines for the businesses expected to comply with it. As a handful of companies produce models capable of reshaping national cybersecurity risk almost overnight, the gap between how fast AI capability is advancing and how fast legal and regulatory systems can respond is becoming the central policy problem of 2026, not a peripheral one.

Sources

Nikkei Asia; The Japan Times; Japan AI Strategic Headquarters (Cabinet Office); AWS Project Glasswing announcement.