Advanced artificial intelligence models are months away from causing catastrophic damage to businesses and governments, according to a warning issued by the Five Eyes intelligence agencies. The alliance, comprising Australia, Canada, New Zealand, the UK, and the US, stated that critical systems running old and unsupported software face significant risk from new AI models. These models will simplify the execution of attacks for malicious actors.
In a joint statement released on Monday, the Five Eyes agencies urged leaders to “act swiftly” to address the threat posed by rapidly advancing AI systems. They anticipate that “Frontier AI models are anticipated to exceed current industry expectations, fundamentally transforming both offensive and defensive cyber capabilities. The timeline is not years, it is months.” The agencies emphasized that a “whole-of-organisation and whole-of-society response is required,” noting that “Cyber risk can no longer be treated as a purely technical issue. This is a core business risk and leadership responsibility.”
The intelligence agencies did not specify any particular AI models in their statement. However, cybersecurity professionals have recently issued warnings concerning Anthropic’s most advanced systems. Earlier this month, the AI firm was compelled to restrict access to its Fable 5 and Mythos 5 models for all customers, following impositions by the US government.
Organizations and governments must strengthen their defenses by integrating AI tools into their security operations, the intelligence agencies advised. Failure to do so will expose them to severe consequences from hackers and other malicious actors. These adversaries will possess new and more accessible methods for conducting cyberattacks.
Gary Barlet, public sector chief technology officer at cybersecurity firm Illumio, stated that “AI is about to dramatically accelerate the speed, scale, and sophistication of cyberattacks, lowering barriers for adversaries and giving them capabilities that were once limited to highly skilled actors.” He expressed concern that “too many organisations still think they can patch their way out of this problem. We couldn’t keep up before AI, and we certainly won’t keep up after it.”
Barlet further explained that “Attackers have always had the upper hand because they don’t operate under the same constraints as defenders, and that’s even more true in the age of AI.” He concluded that “It’s time for organisations to stop treating a breach as a possibility and start treating it as an inevitability.”
The immediate challenge lies in how quickly organizations can adapt their cybersecurity strategies to incorporate AI-driven defenses. The warning from the Five Eyes alliance suggests a narrow window for preparation before the anticipated increase in attack sophistication. The effectiveness of current security measures against AI-accelerated threats remains a critical unknown.
Future developments will likely focus on the adoption rates of AI security tools and the regulatory responses from governments worldwide. The ongoing tension between rapid AI advancement and the slower pace of security implementation will define the cybersecurity landscape in the coming months. Observers will watch for specific policy directives and industry-wide shifts in defensive postures.