The AI Cyberstorm: Five Eyes Warns of Months, Not Years, to Catastrophic Threats

In a rare and striking public intervention, cyber intelligence agencies from the Five Eyes alliance—Australia, the US, the UK, New Zealand, and Canada—have issued an urgent warning: powerful AI models capable of destabilizing governments and businesses are not a distant threat, but are mere months away. This unprecedented joint statement, delivered late Monday night Sydney time, implores leaders worldwide to “act now,” painting a grim picture of an accelerating cyber threat landscape.

The alarm from these signal agencies follows a significant move by the Trump administration earlier this month to block “foreign nationals” from utilizing Fable, a highly anticipated AI model developed by tech company Anthropic. This decision, based on national security advice, underscores the immediate, tangible concerns surrounding frontier AI. The Five Eyes statement explicitly notes that while AI will eventually “help us improve cyber defence,” it simultaneously “accelerates the speed, scale, and sophistication of cyber threats,” suggesting a complex, dual-use technological advancement.

The intelligence community anticipates that “Frontier AI models are anticipated to exceed current industry expectations, fundamentally transforming both offensive and defensive cyber capabilities.” The critical timeline, they stress, “is not years, it is months.” This stark projection moves AI-driven cyber risk from a theoretical, long-term policy discussion to an imminent, operational imperative. The agencies underscored that “cyber resilience is integral to advancing business continuity, market confidence, and long-term value,” linking national security directly to economic stability.

Anthropic remains a focal point in this evolving narrative, particularly with its Fable 5, a supposedly community-friendly version of its more powerful Mythos model. Mythos, capable of detecting cyber system vulnerabilities, is currently restricted to vetted organizations due to exploitation concerns. Both Mythos and Fable were suspended for use by “foreign nationals” by the US government in June, highlighting a fragmented global approach to AI governance. Olivia Shen, a national security and AI expert, warns that the focus on Anthropic might be too narrow, cautioning, “I think we have to anticipate that the next Mythos or the next Fable is just around the corner,” potentially developed by “China, or other states and other actors and companies.”

The Five Eyes warning marks a critical re-evaluation of cyber risk, asserting that it “can no longer be treated as a purely technical issue.” Instead, it demands recognition as “a core business risk and leadership responsibility,” necessitating a “whole-of-organisation and whole-of-society response.” This elevates the issue beyond IT departments to boardrooms and national policy agendas, signifying a fundamental shift in how risk is assessed and managed. The Albanese government in Australia, having signed Anthropic as the first company on its national AI plan in March, represents a contrasting approach, where sharing AI progress is prioritized—a clear indication of the varied, and sometimes conflicting, strategies countries are adopting to harness and mitigate AI's unprecedented power.