"Five Eyes" Intelligence Alliance Warns of AI-Powered Cyberattacks Possible Within Months

Cybersecurity agencies from the Five Eyes intelligence alliance—Australia, Canada, the United Kingdom, the United States, and New Zealand—issued a rare joint warning on June 22, 2026, that advanced artificial intelligence models could enable devastating cyberattacks on governments and businesses within months rather than years. The statement urges immediate action to strengthen defenses against hostile foreign actors, including China, Russia, and North Korea, who are rapidly integrating AI into their cyber operations.

The alliance, the world’s oldest and most comprehensive signals intelligence partnership, described “frontier” AI systems as poised to exceed current industry expectations and fundamentally transform both offensive and defensive cyber capabilities. Officials stated that the timeline for potentially disruptive AI-driven attacks is “months, not years,” highlighting the risk that such tools could overwhelm Western governments and critical infrastructure if defensive measures are not accelerated.

This warning comes amid growing evidence of adversaries leveraging AI for sophisticated hacking. In May 2026, Google’s Threat Intelligence Group disclosed it had thwarted an attack involving AI that discovered a previously unknown software vulnerability and weaponized it into a functional cyber tool. Suspects included Russian-linked actors, with similar AI-enhanced activity observed from Chinese and North Korean hacking groups. These incidents underscore how AI lowers barriers for attackers by speeding up vulnerability discovery and exploit development.

Western nations currently maintain an advantage through leading commercial AI models and deeper integration into military and intelligence operations. However, the Five Eyes statement cautions that this edge may prove short-lived as adversaries advance their own capabilities. The agencies emphasize that organizations delaying modernization of their cybersecurity infrastructure face escalating risks from increasingly sophisticated threats.

The joint communiqué calls on businesses and governments to adopt AI-powered security tools, shrink attack surfaces, implement rapid patching, address legacy systems, enforce strong authentication, and conduct regular incident response drills. Cyber resilience is framed as essential for business continuity, market confidence, and long-term value. “In this environment, cyber resilience is integral to advancing business continuity, market confidence, and long-term value,” the statement noted.

The warning aligns with broader U.S. efforts to maintain AI leadership amid strategic competition with China. Recent U.S. actions include directives to companies like Anthropic to restrict foreign national access to advanced AI models over national security concerns. Officials argue that dominance in AI is vital for economic growth, military readiness, and protecting critical infrastructure.

Five Eyes cybersecurity chiefs, including representatives from the U.S. Cybersecurity and Infrastructure Security Agency (CISA) and National Security Agency (NSA), as well as the UK’s National Cyber Security Centre (NCSC), stressed the need for whole-of-society action. The rare coordinated statement reflects the urgency of preparing for AI’s rapid evolution in the cyber domain, where offensive tools could soon outpace traditional defenses.

As frontier AI models approach deployment, the alliance’s message is clear: proactive investment in resilient systems is required now to counter the compressed timeline of emerging threats from state-sponsored actors. Failure to adapt could expose vulnerabilities across governments and private sectors in the coming months.