The Five Eyes alliance has issued a warning that cyber threats from frontier AI are just ‘months’ on the horizon.

      The Five Eyes intelligence alliance has released a collective alert stating that the upcoming generation of artificial intelligence is set to significantly enhance offensive hacking capabilities, and that the opportunity to prepare for this threat is rapidly diminishing.

      In a unified statement, the agencies from the United States, the United Kingdom, Canada, Australia, and New Zealand emphasized the urgent need for action, highlighting a remarkably short timeframe for the threat. “Frontier AI models are expected to surpass current industry expectations, fundamentally altering both offensive and defensive cyber capabilities,” the statement noted. “The timeline is not years; it is months.”

      The agencies cautioned that AI models capable of inflicting substantial cyber damage will likely be accessible to the public within just “months,” significantly reducing the typical government risk assessment timeframe to something much nearer to the present moment.

      Much of what the alliance referenced pertains to the mundane aspects of how organizations become victims of breaches. The statement pinpointed aging systems, slow patching processes, unnecessary internet exposure, insufficient identity and access controls, and a lack of proactive incident planning as vulnerabilities that more advanced AI will quickly identify and exploit.

      These issues are not new; the assertion is that AI will enhance the exploitation of these vulnerabilities, shortening the period between the discovery of a vulnerability and an attacker exploiting it from weeks to a significantly shorter duration. The agencies suggested that a flaw that once required a skilled human team days to weaponize could soon be turned into an effective exploit by an AI model in a fraction of that time.

      The familiarity of much of the underlying advice was, in a sense, intentional. The majority of the statement reiterated fundamental cybersecurity practices: patch promptly, avoid placing systems online unless necessary, restrict access to critical resources—guidance that defenders have been hearing for years.

      Additionally, the agencies encouraged defenders to leverage the same technology against the threat, urging organizations to utilize AI “to enhance defense,” such as by identifying vulnerabilities sooner or responding to incidents more swiftly.

      This perspective reflects a year in which the distinction between offensive and defensive tools has blurred: Google researchers employed an AI system to reveal a live zero-day exploit, while Anthropic has recorded models capable of identifying serious software vulnerabilities that are concerning to financial institutions.

      The warning comes amid a broader rush to establish defenses before the capability gap expands. Governments and vendors have been forming international cyber partnerships, and the criminal application of AI is already emerging, as researchers track AI-assisted cryptocurrency thefts linked to North Korean hackers.

      The Five Eyes statement effectively informs others in the field that similar tools will soon be widely available. The alliance issued an unusually urgent warning while directing organizations to return to basic practices, recognizing that much of the damage still arises from easily overlooked vulnerabilities.

      What the statement did not provide was a specific deadline or any regulatory framework, leaving the responsibility for response to individual organizations and national agencies. It also refrained from naming specific AI labs or models, opting for a general warning instead of targeting any particular developer.

      For defenders, the key takeaway is discomfortingly straightforward: while the advice remains unchanged, the timeframe for taking action, according to the alliance, is now counted in months rather than years.