US-based cybersecurity giant CrowdStrike has warned of increasing cyberattacks from China-based companies aimed at stealing artificial intelligence in a bid to narrow the technology gap with the US
Bill Hinton | Moment Mobile | Getty Images
Cyberattacks aimed at stealing American artificial intelligence technology are increasingly expanding from technology-based attacks to exploiting human-level vulnerabilities, with China-based actors playing a growing role.
“As AI competition has intensified, the [People’s Republic of China] has increasingly targeted the technology sector,” said Matt Pearl, director of the strategic technologies program at the US think tank Center for Strategic and International Studies.
Instead of focusing on a specific trade secret like hardware designs, the hackers have broadened their interest to anything that could narrow the three- to four-month AI gap with the U.S., Pearl said. This ranged, he said, from understanding a company’s product roadmap, particularly in highly competitive sectors, to identifying vulnerabilities in supply chains.
The suspected cases are already increasing.
In June, U.S.-based cybersecurity giant CrowdStrike said Chinese companies accounted for more than half of state-sponsored attacks on technology companies, particularly their AI assets, in the 12 months ended March 31.

American tech start-up Anthropic has also accused Chinese companies including Alibabafrom illegal attempts to steal its AI capabilities. Alibaba did not respond to a request for comment.
Last year, US-based AI content recognition startup Copyleaks said that the responses generated by Chinese startup DeepSeek’s R1 model were similar to those of OpenAI’s ChatGPT almost three-quarters of the time, suggesting that the open-source Chinese model may have been trained on the US-developed model.
“We didn’t see it [the same stylistic match] in other LLMs,” said Alon Yamin, CEO and co-founder of Copyleaks.
DeepSeek and OpenAI did not immediately respond to requests for comment.
Brian Abbott, founder and CEO of U.S.-based startup Agentiq Capital, told CNBC in June that he believes an employee he hired from China last year was an agent of Beijing who intentionally changed code and website content to prevent the company from receiving venture capital funding.
Abbott claimed the employee replaced references to “ASI,” or artificial superintelligence, with “fintech,” a once-popular term that displeased many investors.
The person was fired earlier this year, Abbott said, and the company filed a complaint with the FBI. CNBC could not independently verify the claim.
“China’s economic espionage campaign is a persistent threat that costs the American economy hundreds of billions of dollars each year and endangers our national security,” the FBI said in a statement to CNBC.
“The FBI prioritizes investigating possible thefts of American technology by foreign actors and remains steadfast in our commitment to protecting the homeland.”
The Cyberspace Administration of China and the US State Department did not respond to CNBC’s request for comment. None of the people interviewed for this article said they had heard of a similar case of state-directed subversion of U.S. technology.
Graham Webster, editor-in-chief of Stanford University’s DigiChina project, said it can be difficult to distinguish state-sponsored espionage from individual or corporate-level efforts.
He also pointed out that the discussion about Chinese AI is also influenced by the fact that major US companies are preparing for large IPOs.
“[The] “For many decisions, the narrative trumps reality,” Webster said.
“The US government is trying to restrain China to some extent,” he added, referring to technology export controls. “We shouldn’t be surprised that the Chinese government is trying to do things differently.”
Table of Contents
Start-ups are more at risk
Capital has been a key driver of the AI race so far, with startups competing with rival tech giants or positioning themselves for acquisitions.
But it also creates “cyber poverty lines” where small businesses lack the resources of large companies to defend against cyberattacks, said Cliff Steinhauer, director of information security and engagement at the nonprofit National Cybersecurity Alliance.
Human vulnerabilities often pose the greater risk, Steinhauer said, especially as attackers rely on “social engineering” tactics amplified by AI-powered content campaigns.
Cyberattacks can also target new or hired employees to break into systems.
“We have seen many cases in our company where new employees who joined the company were immediately targeted by cyberattacks to gain access to our AI models,” said Copyleaks’ Yamin. He assumes there will be more such cases.
The efforts carried out by governments and companies also affect the operating costs of startups.
Anthropic announced on June 11 a program called Claude Corps to train 1,000 people in AI and connect them with nonprofits across the United States. Meanwhile, policymakers in China have introduced significant AI support, including free or subsidized computing power and rent-free office space for startups.
Isaac Stone Fish, founder and managing director of consulting firm Strategy Risks, said Beijing tends to focus more on large corporations, but startups remain particularly vulnerable because they don’t necessarily have cyber expertise.
“And Beijing’s attempt[s] have certainly increased in the last 18 months since the release of DeepSeek really kicked off the AI race between the US and China,” said Stone Fish.
“Beijing wants to ensure that Chinese companies are at the forefront of the global AI race,” he said. “One way to do this is to sometimes work to stifle the development of American AI companies, including through supply chain restrictions, employee harassment, hacking, targeted government subsidies to copycat competitors.”
It remains a challenge for startups to balance rapid innovation with security.
Abbott said the employee he hired initially agreed to work for free and eventually received a few thousand dollars a month in addition to stock options before being fired.
“If we paid everyone market rate, I could never afford that for a run-down startup,” he said, emphasizing the “need to secure our startup economy in the States.”
Choose CNBC as your preferred source on Google and never miss a moment from the most trusted name in business news.
https://www.cnbc.com/2026/07/01/china-ai-cyberattacks-startups-insider-risks-espionage.html
