A Sky News piece this week put a number on something the AI labs have been hinting at for months. We may have six to twelve months to harden critical software before AI-driven cyber attacks reach a scale we have never faced.
The trigger is a new generation of models. Anthropic released one earlier this year – referred to in the piece as Mythos – so capable it was held back from public release. Mozilla, given limited access, jumped from roughly thirty bug fixes a month to over a hundred. The AI Security Institute here in London ran the latest models through their cyber simulation. Where Claude Sonnet 3.7 could only do basic reconnaissance, the new generation can take over a network end to end.
That capability is being held tightly by the leading labs. But open-source models are catching up. Stanford’s AI Index now puts Chinese open-source models roughly level with the American frontier. Some estimates give us eight months before that capability is freely available. Others suggest two or three.
What strikes me is where the damage will actually land.
Banks and defence will harden themselves. They have the budgets, the talent and the political pressure to do it. The places that will get hit are the ones we all rely on every day. Hospitals, GPs, schools, councils, smaller firms with three IT staff and a stretched budget. The organisations already struggling with ransomware will struggle harder.
Cyber attacks already cost the UK economy around fifteen billion a year – half a percent of GDP, more than several government departments spend in total. That is before AI raises the ceiling on what an attacker can do.
The good news is that AI is also the most powerful defensive tool we have ever had. Patching software at scale is now possible. Genuinely secure systems are within reach. The question is whether we move fast enough to make that the reality.
Are you reviewing your technology stack with this in mind? Most boards I speak to still treat cyber as an IT line item. The next six months might be the moment that changes.