Crypto news

23.06.2026
12:41

The Five Eyes raise the alarm: AI cyberattacks are advancing to a new level in months, not years

img-ca55ff87898d6d28-5343455766779688

Cyber agencies from the Five Eyes alliance — Australia, Canada, New Zealand, the United Kingdom, and the United States — have issued a joint statement warning of a dramatic acceleration in the pace of cyber threats using advanced AI models. According to the document, we are witnessing not an evolutionary but a revolutionary shift: the timeframes in which AI changes both offensive and defensive capabilities have shrunk from years to months.

Core of the Warning: AI as a Threat Accelerator

The statement emphasizes that artificial intelligence is already lowering the barrier to entry for attackers by automating and scaling attacks. The key danger is the reduction of the "vulnerability window": the time between discovering a system breach and its exploitation. At the same time, the technology also works in favor of defenders, allowing for faster identification of weaknesses, improved code quality, and incident response. However, according to Five Eyes, the balance of power is shifting toward attackers.

Practical Data: From Theory to Real Incidents

My own observations of the market confirm these findings. As early as March, the UK's National Cyber Security Centre (NCSC) recorded that over 18 months, the best AI models went from nearly zero progress in a simulated attack to completing more than half of the scenario. The Claude Opus 4.6 model completed an average of 15.6 out of 32 attack steps, equivalent to approximately 6 hours of work by a human expert. Meanwhile, the cost of one full attempt at such a simulation was only about £65 — pocket change for cybercriminals.

A breakthrough occurred in April with the release of the Claude Mythos Preview model. In the "The Last Ones" test, it became the first to complete a full 32-step attack scenario on a corporate network — in 3 out of 10 attempts. By May, an improved version of the same model handled the task in 6 out of 10 attempts and, for the first time, completed a second, more complex scenario called "Cooling Tower." Although these tests were conducted in a simplified environment without active defenses, the trend is alarmingly consistent.

New Tools and Risks of Agentic AI

Alongside the threats, defense tools are also evolving. OpenAI recently released the full version of the GPT-5.5-Cyber model, which achieved a record efficiency of 85.6% on the CyberGym platform. The company also launched the Patch the Planet initiative for automated vulnerability discovery and patching in open-source projects. However, this is a double-edged sword: the same technologies can be used to create more sophisticated exploits.

Risks associated with agentic AI systems deserve special attention. In May, Five Eyes issued guidance warning that such services, capable of autonomously performing tasks, expand the attack surface. Risks include misinterpretation of goals, execution of malicious instructions via prompt injection, and obtaining overly broad permissions.

My comment: The cryptocurrency and DeFi market, where errors in smart contracts and infrastructure vulnerabilities cost millions, should take this warning as a call to action. The era of "reactive" security is over. The principles of secure-by-design and the phased implementation of agentic AI with strict access control are not just recommendations but a necessity for survival in the new reality. Artificial intelligence in the hands of hackers, especially state-sponsored ones, poses a more serious and immediate threat than even quantum computing.