Threat IntelligenceEmerging Threats

Five Eyes Agencies Warn of AI-Driven Cyber Threat Surge

Analyst 207||Source: InfoSecMag
Modern briefing room with podium and large window, suggesting a technological focus.

“AI is not a future consideration – it is already here,” the Five Eyes cybersecurity agencies said in a public statement on June 22, urging businesses and governments to act quickly as frontier artificial intelligence reshapes the threat landscape.

The Five Eyes cybersecurity agencies' warning

The United Kingdom, United States, Canada, New Zealand and Australia — collectively the Five Eyes cybersecurity agencies — said frontier AI will “fundamentally” transform offensive and defensive capabilities within months. In a joint public statement issued June 22, they warned that the rapid advance of AI both lowers barriers for malicious actors and increases the speed and complexity of attacks, “shrinking the window between vulnerability discovery and exploitation ever more quickly.” At the same time, the agencies noted, AI also “offers powerful tools to strengthen defense.”

The five practical steps for organizations

To blunt the near-term operational and strategic risks, the Five Eyes statement set out five practical steps organizations should prioritize. The agencies recommended that companies:

  • Reduce the attack surface by limiting unnecessary system access and external connectivity, and isolating systems that don’t need to be connected;
  • Accelerate patching to mitigate the impact of AI-powered vulnerability discovery and exploitation;
  • Address legacy systems, including unsupported systems that are easy targets;
  • Review and strengthen identity and access controls to limit who can access sensitive systems, enforce strong authentication and regularly review permissions;
  • Prepare for incidents before they happen by testing response plans, training teams, and assume breaches will occur, with a focus on rapid containment and recovery.

Breaches are inevitable; preparedness and design matter

The Five Eyes group warned that breaches will inevitably occur as AI finds more zero-day vulnerabilities and urged a focus on preparedness to contain the fallout. Their guidance stressed secure-by-design and secure-by-default practices and defence in depth, alongside rapid containment and recovery plans. They advised a “whole-of-organization” and “whole-of-society” response founded on “getting the basics right, acting quickly, and integrating cyber security into core business strategy.”

Industry voices: Check Point and Absolute Security

Security industry leaders quoted in the report broadly agreed with the Five Eyes assessment. Graeme Stewart, head of public sector at Check Point, said the threat “posed by AI is indeed massive,” and called for “a global coalition on cyber collaboration, establishing a best-practice guide to protect businesses and government infrastructure.” Andy Ward, senior vice president international at Absolute Security, warned that this is “just the beginning” of attacks that move at AI speed and cautioned that “without robust AI-powered cyber resilience strategies and real-time visibility in place, the UK risks sleepwalking into deeper vulnerabilities.”

How technologists, business leaders, and the UK should respond

Technologists and security teams should look to the Five Eyes’ dual prescription: integrate AI into security operations to “detect vulnerabilities earlier, improve software quality, monitor unusual behavior, and respond faster to incidents,” while also hardening basic controls such as identity and access management and patching cadence. Business leaders were explicitly called out: the statement urged them to prioritize cyber resilience or risk facing “growing operational and strategic disadvantage,” and to adopt a whole-of-organization response that embeds security into core business strategy. The UK, singled out in commentary by Andy Ward, faces a specific warning that without “robust AI-powered cyber resilience strategies and real-time visibility” the country could be exposed to deeper vulnerabilities.

The Five Eyes message is both urgent and prescriptive: the agencies say the pace of frontier AI means cyber risk assumptions can become outdated in months, not years, and they urge action now to prepare for rapidly evolving threats. Their recommendations combine immediate defensive fixes — patching, access controls, isolation of unnecessary connections — with longer-term structural changes such as secure-by-design practices and the integration of AI into defensive operations. How quickly organizations adopt those steps will determine whether the speed and scale of AI-powered attacks become a strategic disadvantage or an operational risk they are prepared to contain.

Source: Infosecurity Magazine — Five Eyes Group Issues Urgent Call to Tackle Frontier AI Threats

Artificial IntelligenceEmerging ThreatsNation-StateCyber Threat IntelligenceFive EyesAI-Driven Cyber Threats
Related Intelligence

Continue Reading

Software development workstation with laptop, coding tools, and notes in a brightly-lit neutral environment.

Malicious npm Packages Deliver Windows RAT via PostCSS Tooling

Beware of malicious npm packages masquerading as popular tools like PostCSS - researchers have uncovered three fake packages that have racked up over 1,000 downloads and deliver a sneaky Windows remote access trojan. These lookalike packages, published just over a month ago, have been cleverly designed to fly under the radar.

Analyst 207
Two handcuffed teenagers sit somberly in a courtroom with a judge's bench and law enforcement officer in the background.

Scattered Spider Teens Plead Guilty to TfL Cyberattack

Two British teenagers, Thalha Jubair and Owen Flowers, have pleaded guilty to infiltrating Transport for London's systems, causing a £29m hit and disrupting public services in a stark reminder that cybercrime has very real-world consequences. The breach, which occurred in late August 2024, highlights the significant impact of cyberattacks on everyday life.

Analyst 207
Smartphone with WhatsApp conversation on screen sits on cluttered desk near open file folder, with cityscape in background.

WhatsApp Targeted in VBScript Campaign Installing ManageEngine RMM Tool

Malicious actors are using WhatsApp to trick victims into downloading and executing a Visual Basic Script (VBScript) file, disguised as a business or financial document, which ultimately installs a legitimate Remote Monitoring and Management (RMM) tool. The campaign has been detected in multiple countries worldwide, with Malaysia being the hardest hit.

Analyst 207
Government building facade with people walking nearby, hint of tension.

Hacktivism Surges as Geopolitical Crises Expose Cybersecurity Gaps

Hacktivist attacks have skyrocketed amid rising geopolitical tensions, with over 149 incidents reported in just three days - a stark reminder of the growing cybersecurity gaps. This alarming surge is part of a larger trend that began in February 2022, with hacktivist groups increasingly targeting critical infrastructure during times of conflict.

Analyst 207