Cybersecurity agencies are warning governments and business leaders that cyber risks posed by artificial intelligence (AI) require urgent action.
The Five Eyes agencies of Australia, the United States, the United Kingdom, Canada and New Zealand also point out that AI also provides a solution, arguing that AI tools provide the most effective cyber defense.
In an unprecedented joint statement, the Five Eyes agencies warned leaders they needed to “act quickly” to address the imminent threat as AI increases the “velocity, scale and sophistication of cyber threats.”
“AI is not a future consideration; it is already here.”
said the joint statement.
“The barrier to malicious actors is lowered, the speed and complexity of attacks increases, and the time between discovery and exploitation of vulnerabilities is shorter than ever before.
“At the same time, AI provides powerful tools to strengthen our defenses.”
The agencies identified five practical steps that, while not new, have become more urgent as the capabilities of AI-driven cyber attacks continue to grow.
This includes reevaluating which running systems actually need to be online and removing those that don’t need to be connected at all.
The report warns that “legacy systems” such as computers running outdated and unsupported software are soft targets, and urges organizations to regularly restrict access to critical systems.
The joint statement said governments and businesses can no longer think of cybersecurity as an “IT issue,” but instead argued that it is critical to market trust.
AI is the problem and the answer
But authorities argue that while AI is a powerful threat, it can equally help defend against cyber-attacks.
The report urges government and business leaders to incorporate artificial intelligence into cyber defenses, and says it is also important to continually review and improve defenses.
“Organizations that integrate AI tools into their security operations can detect vulnerabilities early, improve software quality, monitor anomalous behavior, and respond quickly to incidents, reducing both costs and the impact of incidents,” the joint statement said.
“The fast pace of frontier AI development means that cyber risk assumptions can be outdated in months rather than years. We must be proactive and be prepared to adapt and withstand evolving threats.”
AI giant Anthropic recently provided access to its powerful Mythos tools to a number of Australian government and business organizations to improve their cybersecurity capabilities.
But days later, the Trump administration restricted foreigners’ access to Anthropic’s cutting-edge AI system.
Mythos AI models are considered so powerful at identifying flaws in software and networks that Anthropic intentionally restricts access in case its capabilities fall into the wrong hands.
Stephanie Crowe, director of the Australian Cyber Security Center at the Australian Signals Directorate, said Australia was well placed to counter the threats posed by AI if it took the right steps now.
“In fact, we believe we have the tools and the capability.”
she said.
“If we all take action and actually take the time to consider our cyber risk management plans and prioritize what we need to do to protect ourselves, we will be in a really good place.
“It would be even better if we could learn from new technologies that are emerging in the environment, such as AI, how to use these new technologies defensively, because our adversaries are using them and we all need to use them to protect our networks.”
