AI on pace to bypass cybersecurity systems in months, not years, “Five Eyes” spy partners warn
The most advanced artificial intelligence models are improving quickly enough to outsmart prevailing cybersecurity know-how within months, the Five Eyes spy agency alliance has warned.
The risk posed by AI-enhanced hacking is in the spotlight in the wake of startup Anthropic saying in April that its cutting-edge Mythos models had unprecedented abilities to find software vulnerabilities.
The security agencies of Britain, the United States, Australia, Canada and New Zealand urged governments and businesses to act swiftly to prepare themselves as AI evolves.
“The rapid pace of frontier AI development means cyber risk assumptions can become outdated in months, not years,” said a joint statement dated Monday.
AI “lowers barriers for malicious actors and increases the speed and complexity of attacks,” the Five Eyes advisory said.
“Breaches will occur. Preparedness helps you contain them quickly and prevent escalation into major operational and financial crises.”
To improve cyber defenses, organizations should integrate AI tools into their security operations, update old systems and limit access to critical systems among other steps, they said.
“It’s pretty alarming,” Chris Krebs, former director of the U.S. Cybersecurity and Infrastructure Security Agency, told CBS News.
“The past several months have been a bit of a whirlwind in terms of advanced AI,” he said. “And this note from the Five Eyes intelligence agencies, while not really a single development, it’s a signal that businesses need to take the risk posed by AI falling into the wrong hands very seriously.”
Krebs noted that the Five Eyes statement “lays out a couple of discrete and achievable actions” that businesses and other organizations can take to “make themselves harder targets, make themselves more agile, more resilient” and prepare for what he called “the vulnerability tsunami that’s heading our way.”
Anthropic this month suspended access to Mythos 5 and a restricted version called Fable 5 to comply with a U.S. national security order.
Just days after publicly launching Fable 5, the company said it had received a government directive banning all foreign nationals from accessing the two models.
The intervention is striking for a White House that has otherwise pushed to loosen AI oversight — even moving to block states from writing their own rules.
