AI companies are becoming a hotter target for state-backed hackers, and CrowdStrike says the pressure is coming most aggressively from China, with North Korea also in the mix. The cybersecurity firm says more than 58% of government-linked attacks against technology companies are aimed at stealing AI know-how and intellectual property, a reminder that model weights and training tricks now attract the same kind of attention once reserved for chip designs and missile plans.
The basic playbook is familiar: get into corporate networks, stay there, and quietly pull out the most valuable material. In AI, that means models, algorithms, and engineering methods that rivals would rather copy than build from scratch. That shortcut is especially tempting because the gap between building a frontier system and stealing the blueprint is still a lot smaller than the gap between a lab demo and a global product.
What CrowdStrike says attackers want
CrowdStrike describes Chinese-linked operations as increasingly focused on companies developing AI systems, with attacks also hitting government communications networks in Southeast Asia and tech firms in North America. The company says the activity looks systematic rather than opportunistic, using weaknesses in infrastructure to gain durable access to corporate networks.
- More than 58% of state-linked attacks on tech companies are tied to theft of AI development and intellectual property, according to CrowdStrike.
- Targets include models, algorithms, and engineering solutions.
- Some operations have also reached government communications systems in Southeast Asia and tech companies in North America.
North Korea’s separate playbook
North Korea is taking a different route, CrowdStrike says, using cyberattacks to break into IT companies across regions and generate revenue for state needs. The focus on remote teams and contractors in North America, Europe, and Asia is a neat fit for a world where a security lapse in one vendor can open the door to a much bigger prize.
The warning lands at a moment when AI security is already getting more attention from the industry’s biggest names. Anthropic and OpenAI have both previously said Chinese actors tried to extract competitively sensitive information about models and technology, and that makes CrowdStrike’s report look less like an outlier than another entry in a growing pattern.
AI security is becoming a business problem
CrowdStrike also says offensive and defensive cyber tools are increasingly being built around AI models, and it has recently updated its own systems with newer models for threat detection. That is the awkward truth of the current moment: the same technology that helps defenders spot intruders faster is also making it easier for attackers to scale up their operations.
As AI systems get more expensive to build and harder to replicate, protecting intellectual property is turning into a core part of technological power. The next question is whether companies will treat AI labs like crown-jewel infrastructure before the spies have already done the math for them.