US-based cybersecurity giant CrowdStrike has warned of an increase in cyberattacks from China-based organizations aimed at stealing artificial intelligence to close the technology gap with the US.
Bill Hinton | Moment Mobile | Getty Images
Cyberattacks aimed at stealing U.S. artificial intelligence technology are increasingly expanding from technology-based attacks to exploiting human-level vulnerabilities, with China-based attackers playing an increasing role.
“As the AI competition intensifies,[the People’s Republic of China]has increasingly targeted the technology sector,” said Matt Perl, director of the strategic technology program at the U.S.-based think tank Center for Strategic and International Studies.
Rather than focusing on specific trade secrets, such as hardware design, the hackers are broadening their interest in anything that could close the three- to four-month gap with the U.S. on AI, Pearl said. That ranges from understanding a company’s product roadmap, especially in competitive sectors, to identifying weaknesses in the supply chain, he said.
Suspicious incidents are already piling up.
In June, US-based cybersecurity giant CrowdStrike announced that Chinese companies accounted for more than half of state-sponsored intrusions targeting technology companies, particularly AI assets, in the 12 months ending March 31.

American tech startup Anthropic also blames the Chinese company. alibabaabout illegal attempts to steal its AI capabilities. alibaba He did not respond to requests for comment.
Last year, US-based AI content detection startup CopyLeaks said that responses generated by Chinese startup DeepSeek’s R1 model were similar nearly three-quarters of the time to responses generated by OpenAI’s ChatGPT, suggesting that the open-source Chinese model may have been trained on a US-developed model.
“I haven’t seen[the same style match]in other LLMs,” said Alon Yamin, CEO and co-founder of Copyleaks.
DeepSeek and OpenAI did not respond to requests for comment.
Brian Abbott, founder and CEO of U.S.-based startup Agentic Capital, told CNBC in June that he believed the employees he hired from China last year were agents of the Chinese government and that the company intentionally changed its code and website content to prevent it from raising venture capital funding.
Mr. Abbott claimed that his employees replaced references to “ASI” (artificial super intelligence) with “fintech,” a trending term that was once frowned upon by many investors.
That person was fired earlier this year, Abbott said, and the company filed a complaint with the FBI. CNBC was unable to independently verify this allegation.
“China’s economic espionage is a continuing threat, costing the U.S. economy hundreds of billions of dollars annually and endangering our national security,” the FBI said in a statement to CNBC.
“The FBI has prioritized investigating potential theft of U.S. technology by foreign actors, and our resolve to protect the homeland remains unwavering.”
The Cyberspace Administration of China and the U.S. State Department did not respond to requests for comment from CNBC. None of the people interviewed for this article said they had heard of similar cases of state-sponsored destruction of American technology.
Graham Webster, editor-in-chief of the DigiChina Project at Stanford University, said it can be difficult to distinguish between state-sponsored espionage and activity at the individual or corporate level.
He also noted that the conversation around AI in China is also being influenced by major U.S. companies preparing for major initial public offerings.
“In many decisions, the narrative is overtaking reality,” Webster said.
“The U.S. government is trying to keep China in check to some extent,” he added, referring to technology export controls. “We shouldn’t be surprised if the Chinese government tries to do otherwise.”
Start-ups are more at risk
Capital has traditionally been a crucial driver of the AI race, with startups vying to establish themselves against tech giants or through acquisitions.
But it’s also created a “cyber poverty line,” where small businesses lack the resources of larger companies to defend against cyberattacks, said Cliff Steinhauer, director of information security and engagement at the nonprofit National Cybersecurity Alliance.
Steinhauer said human vulnerabilities often pose a greater risk, especially when attackers rely on “social engineering” tactics augmented by AI-powered content campaigns.
Cyberattacks can also target new employees and contract workers to infiltrate systems.
“We’ve seen many cases where new employees join the company and are immediately targeted by cyberattacks aimed at gaining access to our AI models,” CopyLeaks’ Yamin said. He expects to see more such cases.
Government and corporate-led initiatives also impact startup operating costs.
Anthropic on June 11 announced a program called Claude Corps that will train 1,000 people in the United States in AI and match them with nonprofit organizations. Meanwhile, in China, policymakers are rolling out massive AI support, including free or subsidized computing power and free office space for startups.
Isaac Stone Fish, founder and chief executive of consulting firm Strategy Risks, said that while the Chinese government tends to focus on large corporations, startups remain particularly at risk because they don’t necessarily have the cyber expertise.
“And the Chinese government’s efforts have steadily increased in the past 18 months, since the release of DeepSeek marked the beginning of the U.S.-China AI race in earnest,” Stone Fish said.
“The Beijing government wants to ensure that Chinese companies are at the forefront of the global AI race,” he said. “One way to do that is to sometimes work to stifle the development of U.S. AI companies through strategies such as supply chain restrictions, employee harassment, hacking, and targeted government subsidies to copycat competitors.”
“We’ve seen many cases within our company where new employees are immediately targeted by cyberattacks to gain access to our AI models,” CopyLeaks’ Yamin said. He expects to see more such cases.
Balancing rapid innovation and security remains a challenge for startups.
Mr. Abbott said the employees he hired were initially willing to work for free, but ended up receiving thousands of dollars a month in addition to stock options before being fired.
“If you pay everyone market rates, that’s just not going to happen to these poor startups,” he said, stressing “the need to secure the economics of startups in America.”
