Key takeaways:
- AI continues to pose a significant cyber threat for organisations – and business leaders aren’t taking it seriously enough.
- Cyber criminals are bothering less with encryption, looking instead to obtain data.
- Platforms are being urged to use passkeys instead of passwords.
- AI is also lowering the barriers to entry for hacking systems.
Leaders must respond to imminent threat
The risks and opportunities that come with frontier AI models are very apparent to cyber security experts. Recent research suggests that 43% of IT decision-makers have identified AI-powered attacks as their biggest risk over the next 12 months. However, there is a concern that non-specialists, particularly leaders and those tasked with cyber governance in smaller organisations, are not approaching the situation with the necessary urgency.
Earlier in June, the leaders of the “Five Eyes” cyber agencies (representing the UK, US, Canada, Australia and New Zealand) published a call to action encouraging all leaders to respond to what they consider to be an imminent threat. This includes:
- assessing risks,
- prioritising key foundational practices,
- equipping cyber teams with resources, and
- staying engaged in an ever-evolving landscape.
Strength in depth is a key message, alongside alertness to zero-day vulnerabilities, accelerated patching processes, identity and access controls, and overall preparedness for incidents.
The message from Five Eyes is timely. June saw the release of Anthropic’s Claude Fable 5, a version of Mythos which we discussed in April as possibly the most powerful model ever developed. However, just days later, the model was abruptly removed from public access.
It was found to have possible weaknesses allowing users to bypass the controls that had been implemented to make it safe for public release, and to use the powerful model in a cyber attack. It was Amazon’s Chief Executive who, according to sources, raised concerns about the model directly with White House officials, leading them to effectively ban Anthropic from making the model available to non-US users and, in turn, forcing Anthropic to withdraw the model entirely.
This action has sparked intense debate in AI and cyber circles about the geopolitical landscape and the bearing it can have on AI and cyber risk. The move to withdraw Claude Fable 5 and Mythos came as BT became the first UK company to publicly announce their participation in Anthropic’s Project Glasswing, a cyber security partnership programme using Mythos.
Many countries are now looking at what steps they can take to establish sovereign AI capabilities, while ensuring their citizens and companies are able to access globally developed cutting-edge solutions. The episode also highlights the tense relationship in the US between authorities and major model developers, with Anthropic in an ongoing dispute relating to the US government’s decision to designate Anthropic as a supply chain risk.
OpenAI, meanwhile, has continued to provide organisations, including UK banks, with access to its specialist model GPT-5.5 Cyber, as well as recently expanding its Daybreak programme to support the rapid vulnerability identification and patching of open-source software.
Cyber threats unabating
The public sector, in particular education and healthcare organisations, continues to be heavily targeted by cyber criminals. Notable incidents in the last month include attacks on a secondary school and a university. Meanwhile, the fallout of an attack on NHS systems in 2024 continues, with further confirmation this month from three NHS trusts that patient data had been stolen.
Following on from our exploration of extortion-only attacks in January, there is further research indicating that cyber criminals are pivoting towards obtaining, rather than encrypting, data. An insurer has identified that in the second half of 2025, 65% of claims relating to extortion did not involve data encryption, up from 49% in the first half of the year.
It raises significant questions about how companies should respond to such incidents, as there is no guarantee that criminals will honour their commitments to delete data once a ransom is paid. Indeed, it is thought there are cases where criminals don’t even have the data that they claim to have stolen.
Official advice remains not to pay ransom requests, given the likelihood of funding wider criminal activities (including hostile states, as highlighted by the CEO of the UK’s National Cyber Security Centre), and the increased risk of further attacks once an organisation has identified itself as one willing to give in to attackers’ demands.
Supply chains also continue to be a feature of cyber incidents, with widely used password management solution LastPass confirming a breach via one of its third-party integrations, and an archive of more than 70,000 Fortinet VPN credentials also recently being exposed.
Such incidents highlight the risk of password-based security, with a single breach of a password manager resulting in criminals gaining access to an entire portfolio of websites.
The National Cyber Security Centre has issued a new blog on the topic of software supply chain attacks encouraging all organisations to review their dependencies, particularly in relation to open-source solutions.
While LastPass has asserted that passwords stored were ‘most likely’ not exposed, and Fortinet has said that the leak was simply resharing of data exposed in historic incidents, it still raises the question of when we can truly remove dependency on passwords.
It is in this context that a new website has been launched to highlight and put pressure on sites that do not yet support passkeys, now considered a superior security solution to conventional passwords. In the meantime, password rotation and multi-factor authentication remain important tools in access management.
Spare a thought for the criminals…
Reassuringly, authorities are acting against cyber crime. The incident impacting Transport for London in 2024 has resulted in convictions in court this month, sending a clear message that criminal activity will not go unpunished.
Meanwhile, it turns out it’s not just accountants and software engineers who are worried about the impact AI will have on jobs. Research conducted by Sophos, analysing conversations on cyber-criminal discussion forums and messaging apps, highlighted how AI is transforming the ‘sector’, and the fear among some hackers that AI is lowering barriers to entry and removing the need for advanced skills to conduct attacks. Evidently, even the cyber-crime underworld can’t escape the AI debate.