Five Eyes Urges AI to Counter Cyber Threats

In a rare joint statement, the Five Eyes cybersecurity agencies, representing Australia, the United States, the United Kingdom, Canada and New Zealand, warned leaders must "act swiftly" in response to the cyber risk posed by artificial intelligence, according to the UK National Cyber Security Centre and ABC News. The statement says AI lowers barriers for malicious actors and increases the speed and complexity of attacks, while also offering "powerful tools to strengthen defence" (UK NCSC; ABC News). The agencies describe frontier AI development as compressing timelines, writing that the timeline is "not years, it is months" (UK NCSC; CyberScoop).

The joint text recommends immediate practical actions, including reassessing which systems need to be online, removing unnecessary internet connectivity, addressing "legacy systems" running unsupported software, limiting access to critical systems, and elevating cyber responsibility to boards and senior leaders (UK NCSC; ABC News). Media reporting also notes recent operational developments: on June 13 Anthropic suspended worldwide access to its two most powerful models, Fable 5 and Mythos 5, amid export-control and national-security concerns (SMH; ABC News).

Frontier generative models reduce manual effort for reconnaissance, exploit discovery, and tailored social-engineering, creating higher-volume, higher-quality attack automation. Industry observers have documented that older commercial models, open-source variants, and illicit channels already provide capabilities that enable automated vulnerability scanning and exploit generation; the Five Eyes statement and reporting underscore how rapidly those capabilities can iterate (CyberScoop; UK NCSC). For defenders, this shifts the balance toward automation in detection and response, and toward architectural controls that are less dependent on human-in-the-loop manual processes.

Joint warnings from national-level cyber agencies are uncommon and amplify signal for risk managers and security engineering teams. The agencies explicitly tie frontier-model timelines to months rather than years, which raises operational urgency for patch management, network segmentation, identity and access management, and pre-incident playbooks (UK NCSC; CyberScoop). Reporting also cites empirical testing: British AI Security Institute testing and academic commentary quoted in SMH noted high exploit success rates in some model-driven exercises, a datapoint that helps explain the agencies' tone (SMH).

Observers should track: continued export-control or access restrictions around frontier models and vendor responses; public red-team results or independent testing that quantify model-assisted exploit effectiveness; uptake of AI-driven defensive tooling by enterprise SOCs; and whether corporate boards materially change risk reporting and budgeting for cyber resilience (SMH; UK NCSC; CyberScoop). Also watch for follow-up joint guidance or country-specific regulations that would affect procurements and threat-scanning practices.

For practitioners: the joint statement reinforces prioritising fundamental hygiene at scale, rapid patching, minimizing internet-exposed attack surface, robust identity controls, and exercising incident response under realistic conditions. The agencies frame AI as both an accelerant for attackers and a necessary tool for defenders, so evaluating defensive automation, model-risk controls, and secure-by-design practices will be central to short-term risk reduction (UK NCSC; ABC News).