Ad
U.S.-based cybersecurity giant CrowdStrike has warned of increasing cyberattacks from China-based entities aimed at stealing artificial intelligence to narrow the tech gap with the U.S.Bill Hinton | Moment Mobile | Getty Images
Cyberattacks aimed at stealing American artificial intelligence technology are increasingly expanding from tech-based attacks to the exploitation of human-level vulnerabilities, with China-based actors playing a growing role.
“As the AI race has heated up, the [People’s Republic of China] has targeted the tech sector increasingly,” said Matt Pearl, director of the strategic technologies program at the U.S.-based think tank Center for Strategic and International Studies.
Rather than focusing on a specific trade secret, such as hardware designs, the hackers have broadened their interest to anything that could narrow the three- to four-month AI gap with the U.S., Pearl said. That, he said, ranges from understanding a company’s product roadmap, particularly in highly competitive sectors, to identifying weaknesses in supply chains.
The alleged cases are already piling up.
In June, U.S.-based cybersecurity giant CrowdStrike said Chinese entities accounted for more than half of state-sponsored intrusions targeting technology companies, especially their AI assets, in the 12 months through March 31.
American tech start-up Anthropic has also accused Chinese companies, including Alibaba, of illicit attempts to steal its AI capabilities. Alibaba did not respond to a request for comment.
Last year, U.S.-based AI content detection startup Copyleaks said the responses generated by Chinese startup DeepSeek’s R1 model resembled those produced by OpenAI’s ChatGPT nearly three-quarters of the time, suggesting the open-source Chinese model may have been trained on the U.S.-developed one.
“We haven’t seen [the same stylistic match] in other LLMs,” said Alon Yamin, CEO and co-founder of Copyleaks.
DeepSeek and OpenAI did not immediately respond to requests for comment.
Brian Abbott, founder and CEO of U.S.-based start-up Agentiq Capital, told CNBC in June that he believed an employee he hired from China last year was an agent of Beijing who purposely altered code and website content to prevent the company from getting venture capital funding.
Abbott alleged the employee replaced references to “ASI,” or artificial superintelligence, with “fintech,” a once-trending term that many investors have soured on.
The individual was dismissed earlier this year, Abbott said, and the company filed a complaint with the FBI. CNBC was unable to independently verify the allegation.
“China’s economic espionage campaign is a continuing threat that costs the American economy hundreds of billions of dollars per year and puts our national security at risk,” the FBI said in a statement to CNBC.
“The FBI prioritizes investigating any potential theft of US technology by foreign actors and remains unwavering in our commitment to protect the homeland.”
The Cyberspace Administration of China and the U.S. Department of State did not offer a comment when contacted by CNBC. None of the individuals interviewed for this piece said they had heard of a similar instance of state-directed subversion of U.S. technology.
Graham Webster, editor-in-chief of Stanford University’s DigiChina Project, said distinguishing state-sponsored espionage from individual or corporate-level efforts can be difficult.
He also pointed out that the conversation about Chinese AI is also affected by major U.S. companies gearing up for major initial public offerings.
“[The] narrative is overtaking reality in a lot of decisions,” Webster said.
“The U.S. government is trying to hold China back to some extent,” he added, referring to technology export controls. “We should not be surprised that the Chinese government tries otherwise.”
Start-ups more at risk
Capital has been a defining driver of the AI race so far, with start-ups racing to rival tech giants or position themselves for acquisitions.
But that’s also created “cyber poverty lines” where small businesses lack the resources of large companies to defend against cyberattacks, said Cliff Steinhauer, director of information security and engagement at the non-profit National Cybersecurity Alliance.
Human vulnerabilities often pose the greater risk, Steinhauer said, particularly as attackers rely on “social engineering” tactics amplified by AI-powered content campaigns.
Cyberattacks can also target new or contracted employees to breach systems.
“We’ve seen a lot of cases within our company, new employees that are joining the company, immediately they’re a target of cyberattacks to get access to our AI models,” Copyleaks’ Yamin said. He expects to see more such cases.
Government and company-led efforts also impact start-up operating costs.
Anthropic on June 11 announced a program called Claude Corps to train 1,000 people in AI and match them with non-profits in the U.S. Meanwhile in China, policymakers have rolled out significant AI support, including free or subsidized computing power and rent-free office space for start-ups.
Isaac Stone Fish, founder and chief executive of consultancy Strategy Risks, said Beijing tends to focus more heavily on large corporations, but startups remain especially exposed since they don’t necessarily have cyber expertise.
“And Beijing’s attempt[s] have certainly increased over the last 18 months, since the release of DeepSeek really kicked off the US-China AI race,” Stone Fish said.
“Beijing wants to ensure that Chinese companies are at the vanguard of the global AI race,” he said. “One way that it does that is by sometimes working to suppress the development of American AI companies, through supply chain restrictions, employee harassment, hacking, targeted government subsidies of copycat competitors, among other strategies.”
“We’ve seen a lot of cases within our company, new employees that are joining the company, immediately they’re a target of cyberattacks to get access to our AI models,” Copyleaks’ Yamin said. He expects to see more such cases.
For startups, balancing rapid innovation with security remains a challenge.
Abbott said the employee he hired was initially willing to work for free, and eventually received a few thousand dollars a month in addition to stock options, before the firing.
“If we paid everybody market rate, for a scrappy start-up I could never afford to do this,” he said, emphasizing the “need to secure our economy of start-ups stateside.”
Choose CNBC as your preferred source on Google and never miss a moment from the most trusted name in business news.
Ad

