Five Eyes Intelligence Alliance Warns AI Cyber Threats Could Strike Within Months

Top Intel Agencies Say AI-Driven Cyber Catastrophes Are Imminent: 'The Timeline Is Not Years, It Is Months'

In a rare joint statement, the Five Eyes intelligence alliance -- the United States, Australia, the United Kingdom, Canada, and New Zealand -- warned on Monday that the cybersecurity threats posed by advanced AI models are approaching a critical point. "As the leaders of the Five Eyes cyber security agencies, we are united in our call to action: the evolving landscape of artificial intelligence (AI) is rapidly transforming cyber risk, and we must act swiftly to remain ahead," the alliance said in a joint statement signed by the intelligence chiefs of all five countries, including the United States' David Imbordino, who leads the National Security Agency's cybersecurity directorate, and Nick Andersen, who is the acting director of the Cybersecurity and Infrastructure Security Agency (CISA). "The timeline is not years, it is months." In the letter, the leaders say that developments in AI have been accelerating the "speed, scale, and sophistication of cyber threats" by lowering barriers for bad actors and shrinking the window between the discovery of a software vulnerability and its exploitation. "Cyber risk can no longer be treated as a purely technical issue. This is a core business risk and leadership responsibility," the letter reads. "Breaches will occur. Preparedness helps you contain them quickly and prevent escalation into major operational and financial crises." To help address the risks, the Five Eyes are urging leaders to limit unnecessary system access and external connectivity, avoid delays in patching vulnerabilities by prioritizing security updates, test response plans for potential breaches, strengthen identity authentication, and limit user access to critical systems. The group also urged organization leaders to integrate AI into their security operations. "Organisations that integrate AI tools into their security operations can detect vulnerabilities earlier, improve software quality, monitor unusual behaviour, and respond faster to incidents - reducing both the cost and impact of incidents," the group wrote. The statement comes at a tense time for cybersecurity. Earlier this year, Anthropic announced a new AI model called Mythos, which it said was so scary good at cracking software vulnerabilities that access could only be granted to select organizations and governments. Promptly after Anthropic's limited deployment of its spooky new, allegedly privacy-shattering model, OpenAI came forward with a model of its own with similar premises. According to reports from the few organizations that have gained access, the Mythos model is able to bypass Apple's notoriously tough-to-crack operating system and completely take over a corporate system in six out of 10 attempts. After announcing it had begun its long-awaited IPO process, Anthropic first expanded access to the Mythos model before releasing an allegedly safer defanged version to the public called Claude Fable 5. That model was not up for too long before the Trump administration intervened and forced Anthropic to suspend foreign nationals' access to both Fable 5 and Mythos, citing national security concerns. The ban included all foreign nationals living in or outside of the United States, including the company's own employees. To ensure compliance, Anthropic disabled access to both models for all users. The anticipated impact of these next-generation AI models is quickly becoming a major topic of discussion in global politics. Last week, AI company chiefs like Anthropic's Dario Amodei, OpenAI's Sam Altman, and Google DeepMind's Demis Hassabis were in attendance at the annual G7 Summit, taking seats at the same table as leaders of some of the most powerful governments in the world to discuss, among other things, the cyber risks of their models. While new AI models continue to put pressure on cybersecurity agencies around the world, the United States is facing another crisis of its own. Shortly after President Trump took office in January 2025, the nation's top cybersecurity agency, CISA, lost a third of its workforce to layoffs initiated by the administration. Even though Trump was semi-responsible for the agency's creation back in 2018 during his first term, he has since turned against it after officials refused to back his voter fraud claims in the 2020 presidential election that he lost to former President Joe Biden. In his second term, Trump has proposed more than $250 million in budget cuts to the organization. Last month, the agency was also involved in a rather embarrassing cybersecurity incident in which investigative journalist Brian Krebs found that CISA had left information like plaintext usernames and passwords for internal systems on GitHub, possibly for about six months. With AI models advancing rapidly and governments themselves admitting that they are proving to be a cybersecurity liability, it will be interesting to see how CISA, crippled under the Trump administration's attacks, will respond to these threats. So far, things are not looking particularly great, especially if you consider a recent report that the agency just gained full access to the model only two weeks ago.

AI models that can take down governments and business months away, rare Five Eyes statement warns

Signal agencies in Australia, the US, the UK, New Zealand and Canada sound alarm after Trump blocks foreign nationals from Anthropic's Fable AI model Powerful AI models capable of taking down governments and businesses are mere months away, cyber intelligence agencies for the Five Eyes have warned in a rare joint statement, urging leaders to "act now". The surprising public intervention by signals agencies for Australia, the US, the UK, New Zealand and Canada comes after the Trump administration earlier this month decided to block "foreign nationals" from using a much-hyped AI model built by tech company Anthropic, called Fable. The statement, issued late Monday night Sydney time, said while AI "would help us improve cyber defence over time, it also accelerates the speed, scale, and sophistication of cyber threats". "Frontier AI models are anticipated to exceed current industry expectations, fundamentally transforming both offensive and defensive cyber capabilities. The timeline is not years, it is months," the warning by Five Eyes' agencies said. "In this environment, cyber resilience is integral to advancing business continuity, market confidence, and long-term value." The cybersecurity agencies said the leaps in AI models showed the technology would lower barriers for bad actors and increase the speed and complexity of attacks. "A whole-of-organisation and whole-of-society response is required," the statement continued. "Cyber risk can no longer be treated as a purely technical issue. This is a core business risk and leadership responsibility." While no AI models or companies are by mentioned in the statement by name, many around the world have their eyes on Anthropic's advanced tier of tools. One of the major tech company's latest inventions is called Fable 5, a supposedly more community-friendly version of Mythos - a powerful AI model released earlier this year capable of detecting vulnerabilities in cyber systems that is only available to vetted organisations and companies because of concerns it could be exploited for bad. Both of Anthropic's models were suspended for use by "foreign nationals" in June by the US government, which cited advice by national security authorities. Olivia Shen, an expert in national security and AI at the University of Sydney's United States Studies Centre, said much of the world was focused on what happens next for Anthropic but there could be many more powerful AI models not far off on the horizon. "I think we have to anticipate that the next Mythos or the next Fable is just around the corner," Shen said. "We can only see what's been released, but there could be other models being developed by the likes of China, or other states and other actors and companies, that are just as advanced." In March, the Albanese government signed Anthropic as the first company on to its national AI plan. The non-binding memorandum of understanding means companies agree to share details of AI progress with the government and "promote safety". The government's national plan promotes a light-touch approach on regulating the sector in a bid to capture economic and productivity benefits from the technology.

The Alarming Reason 5 Intelligence Agencies Just Issued a Next-Gen AI Warning

AI is evolving so rapidly, it could pose a cybersecurity threat to governments and businesses within months. That's according to the Five Eyes intelligence partnership, which released a joint call-to-action on Monday that urges business leaders to secure their operations now in the interest of "business continuity, market confidence, and long-term value." "Frontier Al models are anticipated to exceed current industry expectations, fundamentally transforming both offensive and defensive cyber capabilities. The timeline is not years, it is months," the bulletin reads. The Five Eyes includes the FBI, the UK's MI5, and intelligence agencies from Australia, Canada, and New Zealand. It wasn't clear what specifically prompted the communique, but it follows the cautious rollout of Anthropic's Claude Mythos model in preview mode to a limited number of trusted organizations. Mythos is reportedly so powerful that it can "surpass all but the most skilled humans at finding and exploiting software vulnerabilities."