President Trump’s Cyber Strategy for America calls for a more “proactive and persistent” approach to cyber threats. But a new reality is emerging: the next phase of cyber conflict will not only be faster — it will be autonomous. It will also exploit a part of the Internet the United States government still treats as an afterthought, the Domain Name System (DNS).

For years, cybersecurity experts have warned that the DNS (essentially the Internet’s phonebook that translates website names, such as disney.com, into the numerical IP addresses computers use to find each other) is not just infrastructure but also a supply chain for cybercrime. Domains are the starting point for phishing, ransomware, fraud, and nation-state attacks. They are inexpensive to acquire, easy to discard, and currently difficult to trace.

Recent analysis of the cybercrime ecosystem, including industry discussions among major DNS operators and research by groups such as Interisle Consulting, makes it clear: cybercrime is no longer a series of isolated incidents. It is an industrialized supply chain — one in which domain names are the raw material.

Now, artificial intelligence is about to scale that supply chain beyond the capacity of cybersecurity experts.

Anthropic’s new AI model, Mythos, marks a turning point. Unlike earlier tools that assist human hackers, Mythos can independently identify software vulnerabilities, craft exploit chains, and execute multi-step attacks. In testing, it has uncovered thousands of previously unknown flaws across major operating systems and web platforms , some dating back years or even decades.

This is not incremental progress. It marks a shift from human-scale hacking to machine-scale exploitation.

But Mythos and Mythos-type technologies will not operate in a vacuum. The impact will depend on the infrastructure it can leverage , and today, the DNS provides exactly what these new AI technologies need.

An AI system with a Mythos-type capability could autonomously:

Discover a new vulnerability
Generate thousands of domain names tailored to exploit it
Register those domains instantly across low-cost providers
Deploy convincing phishing or malware campaigns
Rotate infrastructure continuously to evade detection
This is the fully automated cybercrime supply chain.

The scale of the problem is already evident. According to the Federal Bureau of Investigation, Americans lost more than $20 billion to cybercrime last year, with fraud increasingly driven by AI-powered impersonation and cryptocurrency scams. That figure reflects a system already under strain — before autonomous models like Mythos are widely deployed.

The reason this works is not just technological. It is structural.

First, attribution has collapsed. Domain name registration data, known as WHOIS, has unnecessarily gone dark due to actions by the Internet Corporation for Assigned Names and Numbers (ICANN) and its Contracted Parties, such as Verisign and GoDaddy, enabling malicious actors to operate with minimal risk of identification.

Second, the DNS attack surface is expanding. On April 30, ICANN will begin accepting applications for a new wave of generic top-level domains (gTLDs), which will introduce hundreds or thousands of new namespaces, many with inconsistent enforcement and low barriers to entry, conditions that are ideal for automated abuse.

Third, the U.S. government lacks visibility into this layer. Incident reporting frameworks administered by the Cybersecurity and Infrastructure Security Agency do not fully cover domain registrars and registries. Meanwhile, the global DNS system, coordinated by ICANN, operates largely outside direct U.S. authority.

The result is a mismatch between threat and defense. The United States is preparing for AI-driven cyber conflict — but leaving the core infrastructure that enables those attacks to scale untouched.

Mythos exposes that gap.

For decades, cyberattacks were constrained by human limits: time, skill, and coordination. DNS abuse has always been a problem. Bad actors could spin up domains, but not at infinite scale.

AI removes those constraints.

What Mythos changes is not just the sophistication of attacks but their economics. When vulnerabilities can be discovered automatically and exploited instantly across thousands of domains, the marginal cost of an attack approaches zero. Defense, meanwhile, remains slow, manual, and fragmented.

That imbalance is not sustainable if the United States wants to protect its critical infrastructure and businesses from cyber attacks.

The Administration is right to emphasize imposing costs on adversaries. But that objective cannot be achieved if the core infrastructure for DNS attacks remains cheap, anonymous, and largely ungoverned.

Fixing this requires treating DNS as the critical infrastructure it has become within the cyber battlespace.

Start with accountability. Law enforcement, cybersecurity firms, child protection organizations, and trademark holders need real-time, cost-free access to domain name registration data, as it was before 2018. Without attribution, there is no way to know WHOIS behind the domain names that are causing harm.

Close the reporting gap. If the DNS is critical infrastructure, registrars and registries must be included in federal incident-reporting frameworks. Blind spots in a machine-speed threat environment are strategic liabilities.

Shift responsibility upstream. The companies that sell and manage domain names are not neutral bystanders in this ecosystem. They are gatekeepers and should be held accountable for maintaining accurate registration data and for responding promptly to abuse.

Raise the cost of attacks. Identity verification for bulk registrations and rapid takedown standards would begin to disrupt the economics of automated cybercrime.

Match speed with speed. If AI is powering offense, it must also power defense by predicting malicious domains before they activate and blocking them in real time.

None of these steps requires abandoning the open Internet, but they do require abandoning the fiction that the DNS is merely technical plumbing.

It is not. It is the foundation of the cybercrime supply chain and now serves as the launchpad for autonomous attacks on our nation’s critical infrastructure and businesses.

The United States is entering an era in which cyber threats will operate at machine speed. In that world, leaving the DNS unsecured is not just a vulnerability. It is an invitation.

Washington is right to prepare for more aggressive cyber conflict. But if Congress and the Administration fail to secure the DNS infrastructure that underpins it, the next generation of attacks won’t just be harder to stop; they will go unabated.

The ultimate irony is that the Domain Name System, which was developed by the United States, is quickly becoming the US cybersecurity’s weakest link.

For years, cybersecurity experts have warned that the DNS (essentially the Internet’s phonebook that translates website names, such as disney.com, into the numerical IP addresses computers use to find each other) is not just infrastructure but also a supply chain for cybercrime. Domains are the starting point for phishing, ransomware, fraud, and nation-state attacks. They are inexpensive to acquire, easy to discard, and currently difficult to trace.

Recent analysis of the cybercrime ecosystem, including industry discussions among major DNS operators and research by groups such as Interisle Consulting, makes it clear: cybercrime is no longer a series of isolated incidents. It is an industrialized supply chain — one in which domain names are the raw material.

Now, artificial intelligence is about to scale that supply chain beyond the capacity of cybersecurity experts.

Anthropic’s new AI model, Mythos, marks a turning point. Unlike earlier tools that assist human hackers, Mythos can independently identify software vulnerabilities, craft exploit chains, and execute multi-step attacks. In testing, it has uncovered thousands of previously unknown flaws across major operating systems and web platforms , some dating back years or even decades.

This is not incremental progress. It marks a shift from human-scale hacking to machine-scale exploitation.

But Mythos and Mythos-type technologies will not operate in a vacuum. The impact will depend on the infrastructure it can leverage , and today, the DNS provides exactly what these new AI technologies need.

An AI system with a Mythos-type capability could autonomously:

Discover a new vulnerability
Generate thousands of domain names tailored to exploit it
Register those domains instantly across low-cost providers
Deploy convincing phishing or malware campaigns
Rotate infrastructure continuously to evade detection
This is the fully automated cybercrime supply chain.

The scale of the problem is already evident. According to the Federal Bureau of Investigation, Americans lost more than $20 billion to cybercrime last year, with fraud increasingly driven by AI-powered impersonation and cryptocurrency scams. That figure reflects a system already under strain — before autonomous models like Mythos are widely deployed.

The reason this works is not just technological. It is structural.

First, attribution has collapsed. Domain name registration data, known as WHOIS, has unnecessarily gone dark due to actions by the Internet Corporation for Assigned Names and Numbers (ICANN) and its Contracted Parties, such as Verisign and GoDaddy, enabling malicious actors to operate with minimal risk of identification.

Second, the DNS attack surface is expanding. On April 30, ICANN will begin accepting applications for a new wave of generic top-level domains (gTLDs), which will introduce hundreds or thousands of new namespaces, many with inconsistent enforcement and low barriers to entry, conditions that are ideal for automated abuse.

Third, the U.S. government lacks visibility into this layer. Incident reporting frameworks administered by the Cybersecurity and Infrastructure Security Agency do not fully cover domain registrars and registries. Meanwhile, the global DNS system, coordinated by ICANN, operates largely outside direct U.S. authority.

The result is a mismatch between threat and defense. The United States is preparing for AI-driven cyber conflict — but leaving the core infrastructure that enables those attacks to scale untouched.

Mythos exposes that gap.

For decades, cyberattacks were constrained by human limits: time, skill, and coordination. DNS abuse has always been a problem. Bad actors could spin up domains, but not at infinite scale.

AI removes those constraints.

What Mythos changes is not just the sophistication of attacks but their economics. When vulnerabilities can be discovered automatically and exploited instantly across thousands of domains, the marginal cost of an attack approaches zero. Defense, meanwhile, remains slow, manual, and fragmented.

That imbalance is not sustainable if the United States wants to protect its critical infrastructure and businesses from cyber attacks.

The Administration is right to emphasize imposing costs on adversaries. But that objective cannot be achieved if the core infrastructure for DNS attacks remains cheap, anonymous, and largely ungoverned.

Fixing this requires treating DNS as the critical infrastructure it has become within the cyber battlespace.

Start with accountability. Law enforcement, cybersecurity firms, child protection organizations, and trademark holders need real-time, cost-free access to domain name registration data, as it was before 2018. Without attribution, there is no way to know WHOIS behind the domain names that are causing harm.

Close the reporting gap. If the DNS is critical infrastructure, registrars and registries must be included in federal incident-reporting frameworks. Blind spots in a machine-speed threat environment are strategic liabilities.

Shift responsibility upstream. The companies that sell and manage domain names are not neutral bystanders in this ecosystem. They are gatekeepers and should be held accountable for maintaining accurate registration data and for responding promptly to abuse.

Raise the cost of attacks. Identity verification for bulk registrations and rapid takedown standards would begin to disrupt the economics of automated cybercrime.

Match speed with speed. If AI is powering offense, it must also power defense by predicting malicious domains before they activate and blocking them in real time.

None of these steps requires abandoning the open Internet, but they do require abandoning the fiction that the DNS is merely technical plumbing.

It is not. It is the foundation of the cybercrime supply chain and now serves as the launchpad for autonomous attacks on our nation’s critical infrastructure and businesses.

The United States is entering an era in which cyber threats will operate at machine speed. In that world, leaving the DNS unsecured is not just a vulnerability. It is an invitation.

Washington is right to prepare for more aggressive cyber conflict. But if Congress and the Administration fail to secure the DNS infrastructure that underpins it, the next generation of attacks won’t just be harder to stop; they will go unabated.

The ultimate irony is that the Domain Name System, which was developed by the United States, is quickly becoming the US cybersecurity’s weakest link.