China-linked cyberattacks broaden focus as U.S. AI competition intensifies
Rising competition in artificial intelligence is widening the cyber risk facing U.S. companies beyond core technology theft. Analysts say China-linked actors are increasingly targeting product plans, supply chains and staff vulnerabilities as they seek to narrow the AI gap with the U.S.
Highlights
- CrowdStrike reports China-linked actors conducted over half of state-sponsored cyber intrusions targeting U.S. technology firms, especially in AI, in the year through March 31.
- Attackers now pursue a broader range of assets—including AI product roadmaps and supply-chain data—in an effort to close a three- to four-month AI gap with the U.S.
- Startups face heightened risk due to limited cybersecurity resources, with cases like Agentiq Capital and Anthropic alleging Chinese-linked insider or competitor theft attempts targeting AI technologies.
Broader targeting across AI businesses
As reported by CNBC, CrowdStrike says China-linked entities are increasing cyberattacks aimed at stealing artificial intelligence-related advantages from U.S. companies. The cybersecurity group says Chinese actors accounted for more than half of state-sponsored intrusions targeting technology companies, especially AI assets, in the 12 months through March 31.Analysts say the activity is no longer limited to stealing a single trade secret such as chip or hardware designs. Matt Pearl, director of the strategic technologies program at the Center for Strategic and International Studies, says attackers are now seeking anything that could help close what he describes as a three- to four-month AI gap with the U.S., including product roadmaps and supply-chain weaknesses.
Other alleged cases add to those concerns. Anthropic has accused Chinese companies including Alibaba of illicit attempts to steal its AI capabilities, while Copyleaks said last year that outputs from DeepSeek's R1 model resembled OpenAI's ChatGPT responses nearly three-quarters of the time, suggesting the Chinese open-source model may have been trained on the U.S.-developed system.
Startups face higher exposure
Security specialists say smaller companies are especially exposed because the AI race has been driven heavily by capital and rapid growth. Cliff Steinhauer of the National Cybersecurity Alliance says that dynamic has created "cyber poverty lines," leaving small businesses without the defenses available to larger groups.Human vulnerabilities remain a major entry point, particularly as attackers use AI-amplified social engineering campaigns and target new or contract employees. Graham Webster, editor-in-chief of Stanford University's DigiChina Project, says it can be difficult to separate state-backed espionage from activity at the individual or corporate level.
Agentiq Capital founder and CEO Brian Abbott told CNBC in June that he believes a China-hired employee altered code and website content to hurt the startup's ability to secure venture funding. Abbott says the employee was dismissed earlier this year and the company filed a complaint with the FBI, which says it prioritizes investigating potential theft of U.S. technology by foreign actors.
Our earlier article on the ICTS Supply Chain Security Act explained how U.S. senators proposed to codify and expand the Commerce Department’s powers to screen foreign-linked technology in critical communications and AI infrastructure. We noted the bill would strengthen enforcement and oversight for transactions tied to countries of concern such as China, while also setting guardrails to protect free speech and access to open-source software.
- Forex
- Crypto