Five Eyes warn AI cyberattacks may hit consumers within months

On June 22, the intelligence chiefs of the Five Eyes alliance-the United States, United Kingdom, Canada, Australia and New Zealand-issued a rare joint briefing warning that upcoming artificial intelligence models will accelerate offensive hacking and could affect consumers within months.

The advisory names next-generation systems such as OpenAI’s GPT-5.5-Cyber and Anthropic’s Mythos and says these models enable automated digital agents to scan internet-connected systems continuously. Those agents can locate software vulnerabilities and generate exploits without the elite coding skills previously needed, shrinking the time between discovery and attack from days or weeks to minutes or hours.

The briefing lists consumer risks tied to scaled corporate breaches. Automated attacks against company databases can extract personal records, saved passwords and cloud backups. Conversational AI tools can create highly personalised phishing messages by using information from public social media and other online traces, increasing the likelihood that recipients will hand over credentials or download malicious files.

The document highlights regional impacts and provides concrete data. Authorities recorded a 165% rise in ransomware incidents in India in early 2026 where AI-assisted targeting was observed, the briefing states.

The intelligence chiefs advise corporate security teams to overhaul network defences, adopt automated defensive tools and speed up vulnerability management because manual patching and review cannot match machine-paced offence. The briefing cites the World Economic Forum’s Global Cybersecurity Outlook, which reports that 94% of corporate executives view AI as a top threat vector and that about two-thirds of organisations report moderate to critical shortages in cybersecurity staff.

As a defensive measure, the briefing recommends wider deployment of defensive AI that monitors unusual behaviour, detects intrusions and isolates compromised systems automatically. It advises organisations to shorten the time between vulnerability discovery and patching to reduce the window attackers can exploit.

For individual users, the briefing recommends enabling multi-factor authentication, removing old and unused accounts and following basic online hygiene. The document frames those steps as barriers that increase the effort required for automated, large-scale attacks.