Five Eyes intelligence agencies have jointly warned that advanced AI models capable of catastrophic cyberattacks are months away from broad availability — with adversary states, including China, assessed as potentially already at parity.
Intelligence Lead
The Five Eyes intelligence alliance — comprising the United States, United Kingdom, Canada, Australia, and New Zealand — issued a rare joint advisory on 22 June 2026 declaring that frontier artificial intelligence models capable of fundamentally transforming offensive cyber operations are "months, not years" from public availability. Co-signed by NSA Cybersecurity Directorate Director David Imbordino and acting CISA Director Nick Andersen, the statement represents the most explicit public timeline estimate yet issued by allied intelligence services on AI-enabled cyber threats, carrying direct and immediate implications for critical infrastructure, government networks, and the strategic balance with near-peer adversaries.
Situation Report
The joint advisory states that "frontier AI models are anticipated to exceed current industry expectations, fundamentally transforming both offensive and defensive cyber capabilities," and that "the timeline is not years, it is months." The agencies flag legacy systems, sluggish patching cycles, unnecessary internet connectivity in operational environments, weak identity and access controls, and the absence of pre-incident planning as the structural vulnerabilities that frontier AI will most readily exploit.
The statement explicitly cites Anthropic's Fable 5 and OpenAI's Daybreak as capability benchmarks — both models subject to recent U.S. government export restrictions after intelligence assessments concluded they posed national security risks. Anthropic disabled access to its Fable 5 and Mythos 5 models under government pressure in recent weeks. The advisory indicates these restrictions represent a temporary brake at best: open-source model releases have historically trailed frontier development by six to eight months, meaning currently restricted capabilities will likely be freely available in that window regardless of export controls.
House Homeland Security Committee Chairman Andrew Garbarino (R-NY) stated the warning "underscores what the Committee has repeatedly heard through roundtables, briefings, and hearings with industry leaders: China is just months, if not now weeks, away from achieving frontier AI capabilities comparable to those of the United States." Garbarino called the advisory further justification for ensuring federal agencies and critical infrastructure operators can leverage advanced U.S. models for defensive purposes — finding vulnerabilities before adversaries can exploit them.
Background & Context
The Five Eyes advisory is unusual in its specificity. Previous joint statements from the alliance have flagged nation-state cyber threats — including PRC-linked Volt Typhoon campaigns targeting U.S. critical infrastructure — but have rarely committed to concrete capability timelines. The decision to issue an explicit months-based forecast signals that allied intelligence services have reached sufficient internal consensus on AI development trajectories to make that assessment public, likely with the intent of overcoming institutional inertia among private sector defenders.
AI-enabled offensive cyber capabilities are not theoretical. Current-generation commercial and open-source models already demonstrate competency in identifying software vulnerabilities, generating exploit code, and constructing hyper-personalised phishing campaigns at industrial scale. The advisory addresses the next tier: models capable of autonomously discovering and chaining zero-day vulnerabilities in operational systems, compressing attack timelines from weeks to hours, and enabling threat actors with limited prior technical expertise to operate at near-nation-state level. The intelligence agencies also note that AI is already lowering barriers for criminal actors, with automated systems scanning social media profiles to generate targeted credential-theft campaigns at scale.
The broader context of the advisory includes the recent U.S. government decision to impose export controls on Anthropic's Fable 5, a move that Anthropic publicly described as a "misunderstanding" but which remains unresolved. Programs such as Anthropic's Project Glasswing and OpenAI's Trusted Access for Cyber Program — which provide frontier AI tools to defenders for vulnerability discovery — represent the alliance's working answer to the offensive-defensive gap. Whether those programs scale fast enough is the operative question the advisory leaves open.
Analysis & Assessment
The Five Eyes advisory functions simultaneously as threat assessment and political pressure instrument — a combination unusual for a joint intelligence document. By assigning a months-based timeline and backing it with allied intelligence consensus, the agencies appear to be attempting to force movement from both government agencies and private sector defenders who have treated cyber resilience as a compliance exercise. The implicit calculus: the same capabilities being restricted at the frontier will be freely available through open-source channels before most organisations have updated their incident response plans.
The China dimension carries the most immediate strategic weight. Garbarino's characterisation of China as potentially "weeks" rather than months from frontier-level cyber AI parity — rather than months — suggests the advisory may be understating the immediacy of the threat from PRC-affiliated actors. PLA Cyber Force and MSS-linked threat groups maintain persistent long-dwell intrusion infrastructure across U.S. critical systems; layering frontier AI onto existing tooling does not require new network access, only new models. If Chinese state actors achieve that capability before U.S. defensive programs are deployed at scale, the structural advantage shifts significantly.
The timing of the advisory warrants attention. It was issued days after the Trump administration signed a memorandum of understanding with Iran, with U.S. intelligence bandwidth directed toward post-conflict monitoring and the fragile Lebanon ceasefire mechanism. Adversary states routinely probe for windows of opportunity when allied attention is distributed. Whether the advisory's release was calibrated to close that window cannot be confirmed from open sources; the pattern is consistent with established Five Eyes practice of elevating public warnings ahead of anticipated threat escalation.