Cybersecurity agencies from the Five Eyes intelligence alliance have issued an unusual joint warning that advanced AI models could soon give attackers far more powerful tools for cyber operations. The agencies from Australia, the United States, the United Kingdom, New Zealand and Canada said the threat is not distant, but likely to emerge within months.
The statement, released late Monday in Sydney time, said AI will improve cyber defence over time, but will also speed up the scale and sophistication of attacks. The agencies warned that frontier models are expected to surpass current industry assumptions and reshape both offensive and defensive cyber capabilities faster than many organizations are prepared for.
“The timeline is not years, it is months,” the statement said, urging leaders to act immediately. The agencies added that cyber resilience should be treated as a business continuity issue and a leadership responsibility, not just a technical problem.
The warning suggests that more capable AI systems could lower the skill threshold needed for malicious actors to launch serious attacks. That could make it easier to identify vulnerabilities, automate exploit development and increase the speed at which attacks unfold.
The agencies said the response needs to extend beyond security teams and into boardrooms and government policy. In their view, organisations should treat cyber risk as a core business issue because the consequences of a major breach could affect confidence, operations and long-term value.
The Five Eyes alliance, formed after World War II, rarely makes public statements of this kind. Its decision to do so underscores growing concern among national security officials about how quickly AI capabilities are advancing.
Although the statement did not name any company or model, it comes as attention has focused on Anthropic and its advanced AI tools. The company’s Mythos model, released earlier this year, was described as capable of finding weaknesses in cyber systems, but it was limited to vetted organizations because of concerns it could be misused.
Anthropic’s newer Fable 5 model has also attracted scrutiny. Earlier this month, the US government moved to block foreign nationals from using both Mythos and Fable, citing advice from national security authorities.
The timing of the Five Eyes warning follows that move, though the statement did not refer to it directly. The agencies argued that AI can be used for both attack and defence, but said the latest generation of systems is especially concerning because of the quality of the exploits it can generate.
Olivia Shen, a national security and AI specialist at the University of Sydney’s United States Studies Centre, said the newest models are particularly strong at generating exploits, which increases the danger for defenders.
She also said the public discussion should not be limited to what has already been released. In her view, similar capabilities may already be under development elsewhere, including in China and other states, companies and actors.
The warning arrives as governments continue to debate how tightly AI should be regulated. In Australia, the Albanese government has adopted a light-touch approach aimed at preserving the economic and productivity gains expected from the technology. Earlier this year, Anthropic became the first company signed on to the country’s national AI plan through a non-binding agreement focused on safety and information sharing.
The Five Eyes statement adds pressure to those policy discussions by framing AI security as an immediate strategic concern. Its central message is that the risk from frontier models may be arriving much faster than many organizations and governments have planned for, and that preparation should begin now rather than later.