Five intelligence services rarely speak with one voice. When they warn the window of vulnerability has narrowed to months, the real question is whether the defenders can move as fast as the threat.
Throughout my years in the intelligence world, I don’t recall a single instance in which the Five Eyes partners jointly issued a public warning, so when they do, the message lies in the act as much as the words. Intelligence agencies guard their assessments and share them sparingly, almost never in the open. So, when the United States, United Kingdom, Canada, Australia, and New Zealand jointly warned on June 22 that frontier AI models capable of serious cyber exploitation are only "months away" from broad availability, the unanimity was itself a clear message. "The timeline is not years, it is months," they wrote.
The warning the Five Eyes partners shared is specific. These are systems that let a non-expert coordinate a complex intrusion (work that until recently required a trained team fluent in reconnaissance, exploitation, and stealth). That capability is moving out of the hands of advanced nation states and into the reach of mid-tier criminal groups and other adversaries. As the barrier to a sophisticated operation fall, the target list grows, and the systems most exposed are the ones a country cannot do without hospitals, water and power utilities, community banks, ports, and the contractors that serve them.
There is one caveat to mention. Outside experts who examined the models argued they do not represent a wholly novel threat, and the agencies concede their core remedy is familiar: fix the basics, patch faster, control identity and access. The fundamentals still decide most outcomes. What has changed is speed and, with speed, potential volume. The vulnerability was always there, and AI simply finds it faster and puts that reach into more hands.
For national security planners, "months" is the word that should capture attention. Strategy assumes time, and much of the architecture protecting critical infrastructure was built for an era when a capable intrusion took a capable organization. AI collapses that assumption. A defensive posture written to last three years can be overtaken before its first review, and the slowest links (legacy systems and sluggish patching) are the points an adversary will reach first.
Washington has begun to respond. Executive Order 14409, signed June 2, is best read as the opening move in a national security framework for frontier AI. It directs the NSA and CISA to benchmark in classified settings when a model's cyber capabilities make it a "covered frontier model," and it asks developers to voluntarily give the government up to 30 days of access to such models before release. It stands up an AI cybersecurity clearinghouse — led by Treasury — to coordinate the discovery and patching of vulnerabilities, and it directs the Justice Department to prosecute those who turn AI against American computer systems. It also pushes to put defensive AI into the hands of the institutions least able to defend themselves: rural hospitals, community banks, and local utilities.
The order is also a move in a broader contest. Representative Andrew Garbarino, who chairs the House Homeland Security Committee, said the same week that China is "months, if not now weeks, away from achieving frontier AI capabilities comparable to those of the United States." Washington has already moved to restrict the export of a leading frontier model on national security grounds. Whoever fields these capabilities first, and whoever sets the terms for evaluating and controlling them, will shape the rules others must live by. That competition runs straight through the private companies that build the models and the critical infrastructure an adversary would target.
All of this points to the real test. If frontier AI can accelerate attacks, it can accelerate defense, and the side that equips its defenders faster holds an advantage. Programs that put defensive AI into the hands of critical-infrastructure operators, such as Anthropic's Project Glasswing and OpenAI's cyber-defense access effort, are early attempts to give defenders a head start in finding and fixing flaws before they are exploited. The harder problem is people. Models do not run themselves, and the expertise to direct them, in a utility control room or a hospital network, is scarce and unevenly spread across exactly the sectors most at risk.
This is where national security and the private sector stop being separate conversations. Most critical infrastructure is privately owned and operated, which means the front line of national defense now runs through companies whose first duty is to investors and shareholders. The operators that can name the AI systems they rely on, assume their adversaries now carry capable co-pilots, and test their defenses against machine-speed intrusion are the ones that will fare best.
All of this argues for a different compact between government and industry, grounded in shared purpose. Major developers, critical-sector operators, and the national security agencies need to engage early and honestly on the most dangerous capabilities, the way Executive Order 14409 suggests. And the country must invest in defensive AI and in the people who wield it, so the defenders of American systems keep pace with their attackers.
I spent decades in the world of intelligence, much of it managing risk where the cost of getting it wrong was measured in much more than money. The warning the Five Eyes issued this month is the kind that professionals will take seriously. The timeline is tight, and the targets are the systems a society runs on. Frontier AI will define the next era of national power, and the open question is whether the defenders get their co-pilots before the attackers’ finish deploying theirs.
The Cipher Brief is committed to publishing a range of perspectives on national security issues submitted by deeply experienced national security professionals. Opinions expressed are those of the author and do not represent the views or opinions of The Cipher Brief.
Have a perspective to share based on your experience in the national security field? Send it to Editor@thecipherbrief.com for publication consideration.
Read more expert-driven national security insights, perspective and analysis in The Cipher Brief

8 hours ago
3







