The UK’s adversaries are not waiting for permission to cooperate on artificial intelligence. New research from the Alan Turing Institute’s Centre for Emerging Technology and Security (CETaS) finds early signs that China, Russia, Iran and North Korea are exploring bilateral AI sharing arrangements that could amplify threats in cyber operations, information warfare and military technology. The research is clear-eyed about what this means: the UK needs to stop treating these states as isolated actors and start preparing for a world where hostile AI capabilities circulate between them.

Why this research matters now

The timing is not accidental. Western sanctions regimes, export controls and diplomatic isolation were designed to constrain these states individually. The CETaS research suggests those measures may be producing an unintended side effect: pushing adversaries closer together.

Strategic Reality: Sanctions designed to weaken individual states are creating incentives for bilateral AI cooperation. The tools meant to isolate are, in some cases, accelerating collaboration.

The report examines the so-called “CRINK” states — China, Russia, Iran and North Korea — and their respective AI strategies, capabilities and bilateral relationships. What emerges is a picture that is more nuanced than the monolithic threat bloc sometimes portrayed in policy discussions.

StateAI maturityPrimary roleKey relationships
ChinaGlobal leaderTechnology exporter, strategic coordinatorRussia (primary), expanding beyond CRINK
RussiaModerate, growingMilitary AI applications, signals intelligenceChina (primary), Iran and North Korea (secondary)
IranEarly stageAsymmetric warfare, information operationsRussia (primary), China (growing)
North KoreaNascentCyber operations, revenue generationChina and Russia (dependent)

China is the anchor. It holds the most advanced AI capabilities of the four and is actively using technology transfers to deepen influence over the others’ research agendas and security ecosystems. Russia is the most capable junior partner, whilst Iran and North Korea provide Beijing and Moscow with opportunities to export technology and shape AI development in states that might otherwise remain on the margins.

What the evidence actually shows

Here is where the research exercises useful restraint. Despite the alarming framing that hostile AI cooperation invites, the CETaS team found no direct evidence of multilateral CRINK cooperation on AI. There are no joint AI programmes, no shared training facilities, no common development platforms connecting all four states.

What does exist is a pattern of bilateral arrangements — technology transfers, research exchanges, joint military exercises — that could lay groundwork for more coordinated AI sharing in future.

Critical Context: The distinction between bilateral and multilateral cooperation matters. Four states sharing AI in pairs is a different threat profile from four states operating as a coordinated bloc. Policy responses should reflect this difference.

The researchers identified several channels through which hostile AI capabilities could spread:

Information warfare. AI-generated content, deepfakes and automated influence campaigns are already being deployed by individual CRINK states. Shared tools, techniques and targeting data would multiply their effectiveness.

Offensive cyber operations. AI-enhanced vulnerability discovery, automated exploitation and adaptive malware represent growing threats. States with mature AI capabilities have clear incentives to share these with less capable allies in exchange for strategic access or political alignment.

Military technologies. Autonomous systems, AI-assisted targeting and intelligence analysis tools are all areas where bilateral cooperation could accelerate capability development beyond what any single CRINK state would achieve alone.

The sanctions paradox

Perhaps the most uncomfortable finding is about Western policy itself. The report identifies what amounts to a strategic paradox: the levers that the US and UK have pulled to mitigate national security risks — sanctions, export controls, diplomatic pressure — have pushed CRINK states toward stronger bilateral relationships and self-reliant innovation.

Strategic Insight: This is not an argument against sanctions. It is an argument for understanding their second-order effects and designing mitigation strategies that account for adversary adaptation.

China’s global AI supply chain dominance makes this particularly acute. As the gap between Chinese AI capabilities and those of Western democracies narrows in some domains, states dependent on Chinese technology will find it increasingly natural to align their AI development with Beijing’s priorities rather than Washington’s or London’s.

The UK’s own position adds another layer of complexity. The report is blunt: when discussing national security risks related to hostile AI development, the UK’s dependency on the United States is “inextricable.” That dependency is not itself a vulnerability in stable geopolitical conditions, but it does mean the UK has limited independent capacity to respond if US priorities shift or if transatlantic alignment weakens.

Four risks that deserve more attention

Beyond the headline findings, the CETaS research surfaces several under-discussed risks that UK organisations and policymakers should be tracking.

1. Talent exchange as a vector for capability transfer. The report flags talent exchange programmes between CRINK states as an early indicator of AI cooperation. Researchers and engineers moving between institutions in Beijing and Moscow carry knowledge that no export control can restrict. Monitoring these flows is technically difficult and politically sensitive, but ignoring them leaves a significant blind spot.

Hidden Cost: Talent mobility between adversary states is the least visible and potentially most effective channel for hostile AI capability transfer. Unlike hardware, expertise cannot be sanctioned at the border.

2. Technology dependency cascades. Iran and North Korea’s growing dependency on Chinese AI components and frameworks creates a cascade effect. As Beijing’s AI ecosystem matures, smaller states adopting its tools will inherit both capabilities and vulnerabilities — and will become harder to decouple from Chinese technology stacks over time.

3. The oversimplification trap. The researchers warn against treating CRINK as a unified bloc. These states have competing interests, historical tensions and divergent strategic priorities. Oversimplifying the threat could lead to policy responses that are poorly targeted or that inadvertently push states closer together.

Reality Check: CRINK is a useful analytical shorthand, not a description of a coordinated alliance. Russia and China have deep mutual suspicions. Iran and North Korea have limited direct engagement. Policy built on the assumption of a unified adversary bloc will misread the threat.

4. Defensive AI gaps in the UK. Whilst the report focuses on hostile AI cooperation, the inverse question is equally pressing: how prepared is the UK’s own defensive AI capability? If adversaries begin sharing offensive AI tools, the UK will need detection systems, attribution capabilities and response frameworks that match the pace of the threat.

What UK organisations should do

The CETaS research identifies three strategic priorities for the UK government, but the implications extend well beyond Whitehall. Any organisation handling sensitive data, operating critical infrastructure or working in defence supply chains needs to consider these findings.

Priority 1: Disrupt hostile AI cooperation

This means moving beyond sanctions-only approaches. Targeted measures should focus on specific AI cooperation channels — joint research programmes, technology transfer agreements, talent pipelines — rather than broad economic pressure that may accelerate the very cooperation it aims to prevent.

Implementation Note: Disruption does not mean escalation. Surgical interventions targeting specific cooperation channels are more effective than broad sanctions that push adversaries closer together.

Priority 2: Build UK resilience

Reducing foreign dependencies is the headline, but the detail matters. The UK needs to identify which AI capabilities are most critical for national security and invest in domestic or trusted-partner alternatives. This is not about building everything at home — it is about ensuring that the most sensitive capabilities are not dependent on supply chains that pass through adversary states.

Priority 3: Strengthen trusted partnerships

The report recommends expanding engagement with partners in the Middle East and Indo-Pacific to bolster democratic security and technological capabilities. This is essentially a counter-strategy to China’s expanding influence: offering alternative technology partnerships that do not come with Beijing’s strings attached.

Maturity levelImmediate actionsMedium-term priorities
Government departmentsMap AI supply chain dependencies, establish red lines for hostile AI cooperationDevelop domestic AI capability for critical national security functions
Defence supply chainsAudit third-party AI components for CRINK-origin technologyBuild redundancy into AI-dependent systems
Critical infrastructureReview AI-enabled threat assessments against CRINK capability profilesInvest in AI-powered defensive monitoring
Regulated sectorsUpdate risk frameworks to include hostile AI cooperation scenariosEngage with NCSC guidance on AI-enabled threats

The bottom line

This CETaS research does something valuable: it takes a threat that is often discussed in vague, alarmist terms and grounds it in evidence. The hostile AI cooperation risk is real but specific. It is bilateral, not multilateral. It is emerging, not established. And it is being shaped as much by Western policy choices as by adversary intentions.

Strategic Reality: The window for shaping how hostile AI cooperation develops is still open. The question is whether the UK will use it to disrupt emerging patterns or wait until bilateral experiments solidify into established capabilities.

Three priorities for decision-makers watching this space:

  1. Distinguish rhetoric from capability. Not all CRINK cooperation announcements translate into real AI capability transfer. Focus intelligence and policy attention on verified bilateral programmes, not diplomatic signalling.
  2. Account for second-order effects. Every sanctions package, every export control, every diplomatic move changes the incentive structure for adversary cooperation. Model these effects before acting.
  3. Invest in attribution. As hostile AI capabilities spread between states, attributing attacks and influence operations becomes harder. The UK needs AI-powered attribution tools that can trace techniques back to their origin, even when shared across borders.

The full CETaS report is available from the Alan Turing Institute.


Resultsense provides AI risk management guidance and strategic AI planning for UK organisations navigating the intersection of artificial intelligence and national security policy.