Artificial intelligence (AI) is widening the gap between ability and skill, letting models autonomously breach systems, steal data, deploy ransomware and destroy networks with only minimal prompting.
Bruce Schneier wrote in The Guardian that national security agencies from the Five Eyes issued a joint statement warning of rising AI-driven cyber risks and urged more urgent action around established security measures.
Schneier traces the shift from skilled hackers such as the L0pht, who in 1998 told Congress they could take down the internet in 30 minutes, to the era of "script kiddies" who used prewritten tools without understanding them.
He argues the pattern that made basic hacking tools widespread is repeating with AI, because today’s models can automate attacks and will improve outside corporate guardrails.
Schneier warns that efforts to tether frontier models with safety checks will be undercut by smaller, open-source models and locally run agents that lack those controls.
He says the same technical knowledge that lets models find and fix code vulnerabilities also enables exploitation, so removing harmful capabilities from models is not a workable long-term defence.
The practical response, Schneier writes, is to use AI defensively to detect vulnerabilities earlier, improve software quality, monitor unusual behaviour and respond faster to incidents.
"We must act before and be prepared to adapt and withstand evolving threats," the Five Eyes agencies wrote.
