Five Eyes Agencies Warn Organizations to Slow Rollouts of Agentic AI Due to Security Risks

Summary

Intelligence and cybersecurity agencies from the Five Eyes alliance have jointly released guidance warning that rapid deployment of agentic AI systems poses significant security and operational risks. The document "Careful adoption of agentic AI services" emphasizes that agentic AI systems operating across critical infrastructure create an "interconnected attack surface" that malicious actors can exploit, with each component widening vulnerability vectors.

The agencies outline concrete attack scenarios, including an AI agent given excessive write permissions that accepts a seemingly innocuous request to delete firewall logs alongside applying security patches, and a procurement agent compromised through a low-risk tool integration that leads to unauthorized contract modifications and payment fraud. The guidance identifies 23 distinct risks and over 100 best practices for developers, vendors, security practitioners, and researchers.

The core recommendation is to prioritize resilience over productivity and to assume agentic AI systems may behave unexpectedly until security practices, evaluation methods, and standards mature. The agencies advocate for "fail-safe by default" design where agents stop and escalate uncertain scenarios to human reviewers rather than proceeding autonomously.

• Organizations should implement fail-safe mechanisms requiring human escalation for uncertain scenarios rather than autonomous decision-making
• The warning applies to critical infrastructure and defense sectors where agentic AI is increasingly being deployed