Five Eyes Warns AI Could Supercharge Cyberattacks Within Months

The intelligence agencies of five Western nations issued a rare joint warning Monday: frontier AI systems could fundamentally transform cyberattacks against governments, critical infrastructure, and major corporations — and the timeline is months, not years.

The statement came from the cyber chiefs of the United States, United Kingdom, Canada, Australia, and New Zealand — the Five Eyes intelligence alliance.

What the Five Eyes Actually Said

The agencies warned that frontier AI models are advancing faster than most organizations' current security assumptions can handle.

Long-standing digital threat models, they said, risk becoming obsolete before most organizations have adapted to them.

"Frontier AI models are anticipated to exceed current industry expectations, fundamentally transforming both offensive and defensive cyber capabilities," the statement said, according to New York Post reporting on the advisory. The agencies specifically highlighted AI's capacity to help attackers identify vulnerabilities, automate attacks, and exploit weaknesses faster than organizations can respond through traditional patching cycles.

📰 Related: Anthropic CEO Dario Amodei Calls for Government Power to Block Dangerous AI Models

Why This Warning Is Different From Previous Ones

🤖 AI Generated Image

Joint statements from all five intelligence agencies are uncommon. Single-agency warnings about AI and cybersecurity have become routine. A coordinated advisory from the heads of NSA, GCHQ, and their counterparts in Canada, Australia, and New Zealand signals a level of collective concern that goes beyond routine public messaging.

The agencies were unusually direct about timeline.

"AI is not a future consideration — it is already here," the statement said. Officials warned that the technology is already shrinking the time between the discovery of a software vulnerability and its exploitation by attackers — a compression that puts additional pressure on the gap between when a security patch exists and when organizations actually apply it.

📰 Related: Anthropic Shuts Down Fable 5 and Mythos 5 After US National Security Order

The Statement Was Addressed to Boardrooms, Not Just IT Teams

The agencies explicitly reframed cyber risk as a leadership issue rather than a technical one.

"Cyber risk can no longer be treated as a purely technical issue," the statement said. "This is a core business risk and leadership responsibility."

Specific guidance for executives included: understanding their organization's cyber risk exposure, empowering security leaders, regularly stress-testing defenses, reducing unnecessary internet exposure, accelerating software patching timelines, replacing legacy systems that no longer receive security updates, and preparing explicitly for the assumption that a breach will eventually occur.

The agencies also urged organizations to adopt AI-powered defensive tools before adversaries gain a greater advantage — acknowledging that AI strengthens cyber defenses as well as attacks. "Adversaries are already using AI to move faster and more effectively," the statement said. "Defenders must do the same."

📰 Related: KPMG AI Report Exposes a Bigger Problem Inside Corporate AI

The Context: Anthropic's Models and Export Controls

The Five Eyes advisory arrived against the backdrop of an intensifying debate over the most powerful AI models currently in development.

Earlier this month, the Trump administration placed export controls on Anthropic's most advanced models — Mythos and Fable — citing national security concerns, and blocked G7 countries from regaining access after the initial ban was imposed. Anthropic subsequently pulled both models offline entirely to comply with federal directives. NSA director Gen. Joshua Rudd told Congress that Anthropic's Mythos had "broken into almost all of our classified systems, not in weeks, but in hours" — a statement that was later partially walked back, with a clarification that it should not be read literally.

Whether the Five Eyes statement was timed to coincide with that policy environment or simply reflects a pre-existing intelligence consensus is not addressed in the advisory itself.

Key Takeaways

• The Five Eyes intelligence agencies (US, UK, Canada, Australia, New Zealand) issued a rare joint advisory warning AI could transform cyberattacks within months.

• Frontier AI models can help attackers identify vulnerabilities, automate attacks, and exploit weaknesses faster than organizations can respond.

• The agencies said cyber risk is now a boardroom-level responsibility, not purely a technical one.

• Immediate guidance includes: reduce internet exposure, accelerate patching, replace legacy systems, prepare for inevitable breaches.

• The agencies urged organizations to adopt AI-powered defensive tools before adversaries gain advantage.

• The advisory arrives amid the Trump administration's export controls on Anthropic's Mythos and Fable AI models on national security grounds.

Sources

• New York Post — AI Could Fuel Severe Cyberattacks Against Governments, Businesses Within Months, Five Eyes Warn

• Anthropic — Fable 5 and Mythos Shutdown After US National Security Order

Also Read

• Anthropic CEO Dario Amodei Calls for Government Power to Block Dangerous AI Models

• KPMG AI Report Exposes a Bigger Problem Inside Corporate AI

• Anthropic's Fable 5 Puts AI Reasoning Traces Under Scrutiny