화이트리스트의 승리: Anthropic이 국방부 블랙리스트를 컨소시엄으로 전환한 방법

The Whitelist Won How Anthropic turned a Pentagon blacklist into a thirteen-company consortium and what that says about who actually controls the defense supply chain. The Trump administration moved to designate Anthropic a supply chain risk. The move was supposed to cut off a company the government had decided was incompatible with defense work. Two months later, the designation is legally tangled, operationally hollow, and commercially surrounded by a coalition of more than forty organizations that effectively *are* the defense industrial base. The Anatomy of a Blacklist That Failed to Bite The mechanism is straightforward in theory. The Defense Department designates a company as a supply chain risk. DoD contractors are then prohibited from using that company’s technology in work touching government systems. The company is frozen out. The problem for the blacklisters is that Anthropic has spent two years becoming load-bearing. Project Glasswing, announced April 7, 2026, is the most recent expression of that strategy. The consortium includes Microsoft, Apple, Google, Amazon Web Services, Nvidia, the Linux Foundation, Cisco, Broadcom, and more than forty other tech, cybersecurity, critical infrastructure, and financial organizations. The member list is a cross-section of the commercial infrastructure the defense sector runs on. The arrangement is operational, not cosmetic. Anthropic provides its Mythos frontier model to the consortium for adversarial testing against real critical software stacks. Findings flow through partner security platforms into enterprise security workflows. The Linux Foundation provides a governance layer for responsible disclosure standards. This is not a lobbying front. This is a product flow. The implication for the DoD blacklist is direct: if CrowdStrike runs Mythos-derived findings in its products, and CrowdStrike is DoD-compliant, then Anthropic is inside the defense supply chain by definition. The ban does not remove the dependency. It removes the visibility into it. The DoD ends up with less information about what its own contractors are running. The Pentagon made the designation under two separate statutory authorities. The first, 10 U.S.C. § 3252, was the narrower track, it blocked Anthropic from being used as a subcontractor in covered settings. The second, 41 U.S.C. § 4713 (part of the Federal Acquisition Supply Chain Security Act, FASCSA), is broader and remains in effect. Judge Lin’s preliminary injunction blocked the § 3252 designation, the Presidential Directive, and the Hegseth Directive. The § 4713 FASCSA designation survives that ruling and is being challenged in the D.C. Circuit under that statute’s exclusive judicial review provision. The operational mechanism for § 4713 is FAR 52.204-30, which prohibits using products or services from a designated source as part of the performance of a covered contract, regardless of whether those products are delivered to the government. Contractors holding DoD contracts containing this clause face affirmative compliance obligations: reasonable inquiry into use of designated source products, reporting to the contracting officer within three business days, and submission of mitigation plans within ten. The scope of § 4713 extends beyond formal subcontracting relationships. An aggressive interpretation of the “as part of the performance” standard may capture uses of Anthropic products, such as using Claude Code under a general license to write software that ends up in a DoW system, that the narrower § 3252 framework would not reach. Who Showed Up and Who Did Not Look at who showed up for Glasswing and who did not. These are not oversights. Microsoft, Apple, Google, AWS, Nvidia, Cisco, Broadcom, the Linux Foundation, and more than forty other organizations — covering compute, cloud, device security, networking hardware, enterprise cybersecurity, financial infrastructure, and open-source governance. This is a deliberate structural encirclement. Anthropic did not build a partnership. It built a chokepoint. Look at who is notably absent. Meta. OpenAI. Oracle. The three companies with the most direct competitive overlap with Anthropic’s commercial AI position. Their absence from Glasswing is by design. Anthropic built a consortium out of the companies whose own security stacks would be weakened by the blacklist’s enforcement, not the companies that might compete with it directly. Notice what this means for the political economy of the ban. JPMorgan Chase alone spends over $10 million annually on federal lobbying. Cisco, Broadcom, Palo Alto Networks, and the major cloud providers maintain substantial lobbying presence. These companies are now operating a consortium the US government considers a threat vector. The natural equilibrium is pressure on the government to formally distinguish between Anthropic’s commercial AI products and whatever the DoD actually objects to. Or acceptance that the whitelist is too economically and politically