Five Eyes warns: advanced AI cyberattacks within months

What happened?

On June 2, 2025, the cybersecurity agencies of the five Five Eyes member countries — the United States, United Kingdom, Canada, Australia, and New Zealand — published an unprecedented joint statement. In it, they warn that frontier artificial intelligence (frontier AI) could power offensive cyber attacks within months, not years. The document, coordinated by the US CISA, UK NCSC, Canadian Centre for Cyber Security, Australian Cyber Security Centre, and New Zealand GCSB, states that advanced AI systems will enable automated vulnerability discovery, creation of more sophisticated malware, and more effective evasion of current defenses. Unlike previous warnings, this one is based on operational intelligence and technical analysis of real capabilities observed in laboratories and controlled environments. The statement urges governments and the private sector to take immediate action, as the exploit development cycle could shorten dramatically.

Why is this important?

This warning comes from the world's premier intelligence alliance, giving it significant weight. It is not academic speculation but an assessment based on intelligence and technical analysis. The window to prepare is short: frontier AI offensive capabilities are maturing rapidly and could be available to malicious actors in less than a year. Historically, similar warnings have preceded paradigm shifts: in 2017, the NSA warned about AI use in phishing attacks, and in 2020 the World Economic Forum flagged AI as an emerging risk. However, this is the first time Five Eyes has issued such a specific joint alert, indicating the threat is imminent. Frontier AI, defined as models with capabilities near or exceeding human levels in specific tasks, has already demonstrated in internal tests the ability to write functional exploits for known and unknown vulnerabilities. Additionally, it can generate polymorphic code that evades signature-based detection. If these systems fall into the hands of criminal groups or hostile states, the cybersecurity landscape could change radically.

Consequences for businesses and users

Organizations will need to accelerate adoption of AI-based defenses (such as anomaly detection systems) and strengthen basic cyber hygiene. For users, the risk of hyper-personalized phishing and automated scams will increase. Critical sectors (finance, health, energy) are the most exposed. A 2024 report from the UK National Cyber Security Centre already warned that AI could generate phishing emails indistinguishable from humans. Now, with frontier AI, attacks could be adaptive in real time, modifying the message based on the victim's responses. Small and medium-sized businesses, which often lack resources for advanced defenses, will be particularly vulnerable. According to CISA data, 60% of SMEs that suffer a cyberattack close within six months. Large-scale automated attacks enabled by AI could overwhelm incident response teams, which are already stretched. Furthermore, frontier AI could accelerate the development of ransomware that spreads autonomously, as already seen with variants like LockBit, but with enhanced evasion capabilities.

What should readers know?

• Frontier AI can generate malicious code at scale and adapt in real time to defenses. In tests conducted by OpenAI, models like GPT-4o were able to exploit zero-day vulnerabilities in isolated environments, something that previously required human experts.
• Zero-day attacks could become more frequent and harder to patch. AI can analyze thousands of lines of code to find flaws in minutes, reducing the time between discovery and exploitation.
• International cooperation in cybersecurity will be key to mitigating risk. Five Eyes has already established working groups to share intelligence on AI-driven threats, but global coordination is needed, similar to what was achieved against ransomware after the Colonial Pipeline attack in 2021.
• Users must exercise extreme caution: be wary of unexpected messages, use multi-factor authentication, and keep systems updated. AI can generate voice and video deepfakes to impersonate identities, as already seen in financial scams.

“The window to prepare is closing,” the joint report warns. “Governments and businesses must act now to develop resilient defenses, invest in secure AI research, and establish regulatory frameworks that limit the malicious use of these technologies.”

In conclusion, the Five Eyes warning marks a turning point. It is not a distant prediction but a call to action based on concrete evidence. History shows that technological revolutions in cybersecurity are often disruptive: the advent of automated exploits in the 1990s, the rise of ransomware in the 2010s, and now offensive AI. Those who do not adapt will be exposed. The question is not whether it will happen, but when and how prepared we will be.