Cybersecurity chiefs from the Five Eyes intelligence alliance warned on Monday that powerful AI models capable of carrying out destructive cyberattacks may be only months away, not years. In an unprecedented joint statement, they said, “We must act now. AI is not a future concern, it is already here.” The alliance includes the United States, Britain, Canada, Australia and New Zealand, and the statement was signed by six agency heads, including two U.S. cyber officials.
The officials said AI will help improve cyber defense over time, but will also accelerate the speed, scale and sophistication of cyber threats. They argued that frontier models are expected to exceed current industry assumptions and fundamentally change both offensive and defensive capabilities. “The expected timeline is not years, but months,” they wrote, warning that AI lowers barriers for malicious actors and shortens the time between discovering a vulnerability and exploiting it.
The statement also laid out principles for adapting to the new environment, emphasizing that defenders must use AI too. “Adversaries are already using AI to move faster and more effectively. Defenders must do the same,” it said. The agencies said organizations that integrate AI into security operations can spot weaknesses earlier, improve code quality, detect unusual behavior, respond faster to incidents, and reduce both costs and impact.
The warning came about a week and a half after the White House ordered access blocked to Anthropic’s powerful “Mithos” model, citing national security concerns. Although the Five Eyes statement did not name any specific system, the article says that model’s capabilities likely helped prompt it. Olivia Shain of the University of Sydney said, “We should expect the next Mithos is right around the corner,” adding that models being developed in China or by other states, actors or companies may be just as advanced.
