Artificial intelligence is set to escalate cyberattacks on governments, critical infrastructures, and large corporations in the near future, as highlighted by a rare joint statement from the Five Eyes intelligence alliance on Monday, which urged business leaders to begin preparations.
Cybersecurity heads from the United States, United Kingdom, Canada, Australia, and New Zealand noted that long-standing beliefs about digital threats may soon become outdated due to rapid advancements in frontier AI systems.
“Frontier AI models are likely to surpass current industry expectations and will fundamentally change both offensive and defensive cyber capabilities,” the intelligence leaders stated.
They emphasized that “the timeline is months, not years.”
Concerns surrounding AI-related security risks have surged recently.
For instance, General Joshua Rudd from the National Security Agency warned Congress that the AI model named Mythos by Anthropic compromised many sensitive national systems in mere hours, not weeks. However, Senator Mark Warner (D-Virginia) later indicated that it shouldn’t be interpreted literally.
Additionally, the recent Trump administration’s decision to block foreign access to Anthropic’s model, the Claude Fable 5, was made due to fears of its potential as “too powerful.”
In compliance with federal directives, Anthropic took the Myth & Fable model offline after the White House’s export restrictions.
Reports have emerged indicating that the Trump administration would prevent G7 countries from accessing Anthropic’s advanced AI models, citing national security reasons.
This unprecedented warning from the Five Eyes coalition reflects growing anxiety within Western intelligence circles about how the latest AI technologies could lower barriers for hackers while simultaneously increasing the speed and sophistication of cyber threats.
While recognizing that AI can bolster cybersecurity, the agencies warned it could also enable malicious actors to find vulnerabilities and execute attacks quicker than organizations can catch up.
“AI is not a future consideration; it already exists,” the statement highlighted.
Authorities pointed out that the technology shortens the time frame between the discovery of software vulnerabilities and their exploitation, adding pressure on businesses and government entities already struggling with timely security updates.
Cyber risk is now a crucial issue that transcends IT departments.
“This is a core business risk and the responsibility of leaders,” the statement clarified.
This warning extends to not just cybersecurity teams but also corporate boards.
Executives are encouraged to understand cyber risks, empower their security leaders, routinely test defenses, and integrate cyber resilience into their business strategies.
The statement called for leaders to address several immediate priorities, including reducing unnecessary internet exposure, speeding up software updates, replacing outdated systems, tightening access controls, and preparing for potential breaches.
The agencies also cautioned that AI technologies might introduce new security vulnerabilities.
As AI systems evolve, new and unknown vulnerabilities will emerge, potentially including zero-day threats, they warned.
The guidance suggested that organizations adopt a multi-layered protection strategy instead of relying solely on one defense mechanism.
Cyber incidents should be considered inevitable, so preparation for containment and recovery is just as crucial as prevention.
“Breaches will occur,” they stated.
“Being ready can quickly contain breaches and prevent them from growing into major business or financial crises.”
Simultaneously, the Five Eyes coalition urged organizations to implement AI-driven defense tools before adversaries gain a more significant edge.
The statement noted that companies using AI in their security processes can discover vulnerabilities more rapidly, enhance software quality, detect irregular activities, and respond to incidents with more agility.
“Adversaries are already using AI to operate faster and more effectively,” the agency reminded.
“Defenders must adapt accordingly.”
The final message for both government and business entities was clear: cyber resilience is now an essential prerequisite for survival, not merely a technical safeguard.
“The rapid development of frontier AI means that assumptions about cyber risks can become irrelevant within months, rather than years,” they concluded.
“We must act now.”
