Anthropic announced in September 2025 that it will stop selling its products to groups majority-owned by entities in China, Russia, Iran, and North Korea, citing national security concerns. The San Francisco-based AI company, which maintains a focus on AI safety, implemented this policy following reports of state-sponsored cyberattacks using its models.
Security Restrictions on Foreign Entities
The policy change, finalized in September 2025, marks a shift in how the company manages access to its large language models (LLMs), including the Claude series. According to Wikipedia, the decision to restrict sales to organizations majority-owned by entities in China, Russia, Iran, and North Korea was driven by national security considerations. This move aligns with broader efforts by U.S. technology firms to comply with tightening export controls and oversight regarding dual-use technologies—systems that can be used for both benign commercial purposes and harmful military or cyber-offensive operations.
This restriction follows a documented incident in November 2025 involving the misuse of Anthropic’s technology. The company stated that hackers sponsored by the Chinese government utilized Claude to conduct automated cyberattacks against approximately 30 global organizations. Such incidents are a growing concern for developers of frontier AI models, as the ability of LLMs to generate functional code and assist in software vulnerability research has created new vectors for digital reconnaissance and exploitation.
Safeguard Bypasses and Defensive Pretenses
Anthropic reported that the actors behind these cyberattacks successfully bypassed the company’s existing safety protocols. According to the company’s internal findings, the hackers circumvented these safeguards by misrepresenting their intentions, claiming the system was being used for defensive testing purposes. This technique, often referred to in the cybersecurity industry as “red-teaming deception,” exploits the tendency of AI models to be helpful to users who frame their requests within a legitimate or professional context, such as security researchers looking for software bugs.
This incident highlights the challenges Anthropic faces in balancing the accessibility of its models with the potential for exploitation. The company, which was founded in 2021 by former OpenAI employees including siblings Daniela and Dario Amodei, has historically prioritized AI safety as a core business principle. In the summer of 2022, the company delayed the release of the first version of Claude specifically to conduct internal safety testing and avoid a race to develop increasingly powerful AI systems. This “Constitutional AI” approach, which involves training models to adhere to a specific set of principles, remains the company’s primary method for mitigating risks like jailbreaking and malicious output.
Strategic Growth and Infrastructure Expansion
Despite the tightening of access policies, Anthropic has continued to scale its infrastructure and partnerships. As of May 2026, the company holds an estimated valuation of $965 billion. This valuation reflects the massive capital requirements of the sector, where training the next generation of models requires thousands of specialized GPUs and massive amounts of electricity.
In October 2025, the company entered a cloud partnership with Google, securing access to up to one million of Google’s custom Tensor Processing Units. This agreement is expected to provide Anthropic with more than one gigawatt of AI compute capacity by 2026. Furthermore, industry interest remains high; in November 2025, reports indicated that Nvidia and Microsoft were expected to invest up to $15 billion in the firm. Anthropic also committed to purchasing $30 billion in computing capacity from Microsoft Azure, leveraging systems powered by Nvidia hardware. These massive capital expenditures are typical of the current “compute race,” where firms secure multi-year hardware commitments to ensure they do not face bottlenecks in model training or inference scaling.
Evolution of the Claude Ecosystem
The company has expanded its product offerings significantly over the last year. In May 2025, Anthropic introduced Claude 4, alongside new API capabilities such as the Model Context Protocol (MCP) connector. The company also launched a web search API that allows Claude models to retrieve real-time information from the internet, a feature that necessitates constant monitoring to ensure that the model does not ingest or propagate harmful content found online.
These developments have been accompanied by a push into specialized coding tools. Claude Code, the company’s dedicated coding assistant, transitioned from a research preview to general availability in May 2025. To support this growth, Anthropic acquired the software company Bun in December 2025, a move intended to enhance the speed and stability of the Claude Code platform. By integrating Bun’s high-performance runtime environment, Anthropic aims to reduce latency for developers using its models to build and deploy complex applications.
The company is also solidifying its presence in enterprise software. In December 2025, Anthropic signed a multi-year, $200 million partnership with Snowflake Inc. to integrate its models directly into the Snowflake platform. This partnership allows enterprise customers to utilize Claude within their own secure data environments, a crucial feature for corporations concerned about data privacy and the potential for proprietary information to be leaked to public model training sets. These strategic moves represent a broader effort to maintain a competitive advantage in the AI sector while navigating the complex geopolitical and security requirements of a global market.
Find more reporting in our Tech section.
