Five Eyes Warns AI Cyberattack Capability Months Away

Major cyberattack capabilities imminent

Artificial intelligence models capable of launching sophisticated cyberattacks that could overwhelm government and corporate defenses will arrive within months, not years, according to a joint warning from the Five Eyes intelligence alliance.

The coalition — comprising the United States, United Kingdom, Canada, Australia, and New Zealand — issued a rare public call to action Monday, urging leaders to strengthen their cyber defenses immediately. The statement reflects mounting concern among Western intelligence agencies about AI's rapidly evolving offensive capabilities.

"Frontier AI models are anticipated to exceed current industry expectations, fundamentally transforming both offensive and defensive cyber capabilities. The timeline is not years, it is months," the agencies stated.

Why it matters

This warning signals that the cybersecurity threat landscape is entering uncharted territory. Small and medium-sized businesses, which typically lack robust security infrastructure, face disproportionate risk as AI lowers barriers for attackers while accelerating the speed and complexity of breaches. The intelligence community's assessment suggests that organizations treating cyber preparedness as a future concern may already be too late.

Context: Anthropic suspension highlights urgency

The warning follows the Trump administration's directive ordering AI company Anthropic to suspend foreign nationals' use of its most advanced models. According to details first reported by CNN, the government acted after becoming aware of methods to "jailbreak" Anthropic's public Fable model — circumventing its internal safety controls.

Anthropic's Mythos 5 model had already raised cybersecurity concerns due to its exceptional ability to identify security vulnerabilities. The company and administration are currently meeting to resolve the issue.

"The really key lesson for this is that AI capabilities are evolving incredibly rapidly," said Olivia Shen, director of the Strategic Technologies Program at the University of Sydney's United States Studies Centre. She noted that while attention currently focuses on Anthropic, any organization could produce the next highly capable model.

Defensive gaps pose critical risk

The Five Eyes agencies emphasized that AI serves both as threat and solution. Organizations integrating AI tools into security operations can detect vulnerabilities earlier, monitor unusual behavior, and respond faster to incidents.

However, Shen identified a "massive gap" in current defenses. Large corporations with established cybersecurity investments are better positioned, but smaller businesses that have underinvested "will basically be like sitting ducks," she told CNN.

The agencies recommended immediate steps: invest in cyber defenses, upgrade legacy systems, patch vulnerable software, and restrict access to critical systems.

Regulatory challenges mount

Independent assessments show some AI models now reaching expert-level cyber capabilities, yet no transparent, consistent regulatory framework exists in the United States. This month, dozens of cybersecurity researchers and AI executives signed an open letter urging the administration to commit to transparent AI risk assessment processes.

Shen acknowledged the challenge of balancing innovation with security. "We need a few more guardrails about how we can maximize the benefits for defensive cyber security, while gate keeping it away from potential cyber adversaries and scammers and cyber criminals," she said.

These details were first reported by CNN, with Hadas Gold contributing.