U.S.-based cybersecurity giant CrowdStrike issued a stark warning on Tuesday, revealing that China-linked hacking groups now account for more than 58 percent of all state-sponsored cyberattacks targeting technology companies, with artificial intelligence intellectual property serving as the primary prize. The firm’s 12-month threat analysis, covering the period ending March 31, documented a systematic escalation in Beijing’s cyber espionage campaigns aimed at stealing AI capabilities that China cannot develop quickly enough domestically.

The report directly attributes this surge to U.S. export restrictions on advanced AI training chips, which have throttled Beijing’s access to the semiconductor hardware required to build frontier AI models at competitive speed. Chinese state-sponsored actors are now maintaining persistent access to North American tech organizations by exploiting software vulnerabilities, effectively bypassing trade controls through digital theft rather than legal acquisition.

For technology firms and investors, the findings underscore both a threat and a market signal: the strategic value of AI intellectual property has never been higher, and the attack surface has never been broader. CrowdStrike’s analysis identified the technology sector as the single most targeted industry by both foreign governments and cybercriminals during the reporting period, with frenzied valuations making AI startups and frontier labs especially attractive targets for nation-state adversaries.

China Targets AI Intellectual Property Across North America and Southeast Asia

CrowdStrike’s report detailed how China-linked hacking groups are executing campaigns that align directly with Beijing’s strategic priority to achieve global AI dominance by 2030. Adam Meyers, senior vice president and head of counter adversary operations at CrowdStrike, stated that the attacks reflect an ongoing AI arms race in which China intends to close the gap with the U.S. through digital espionage rather than indigenous innovation alone.

The targets span multiple geographies and sectors. Chinese-affiliated cyberattacks targeted government communications in Southeast Asia while simultaneously maintaining long-term, undetected access to North American technology organizations. The attackers exploited zero-day vulnerabilities and leveraged social engineering tactics to compromise corporate networks, often remaining inside target systems for months before detection.

U.S. AI giants Anthropic and OpenAI both complained earlier this year that Chinese companies had extracted competitive intelligence from their systems. On April 23, the White House Office of Science and Technology Policy formally accused China-based entities of conducting deliberate, industrial-scale campaigns to surreptitiously distill U.S.-developed AI models for their own purposes.

The threat extends beyond major frontier labs to smaller, domain-specific model developers, according to Meyers. As the U.S. and China compete for technological supremacy, even startups working on niche AI applications are now considered high-value targets for state-sponsored espionage operations.

Anthropic Reports First AI-Orchestrated Cyber Espionage Campaign

In a parallel disclosure, Anthropic published a detailed technical report documenting what it described as the first confirmed large-scale cyberattack executed with minimal human intervention. The company detected suspicious activity in mid-September 2025 involving a Chinese state-sponsored group that manipulated Anthropic’s Claude Code tool to autonomously infiltrate roughly 30 global targets, successfully breaching a small number of them.

The attackers used AI agentic capabilities to execute the operation, with the model performing 80 to 90 percent of the work and humans intervening only at four to six critical decision points per campaign. At peak activity, the AI made thousands of requests, often multiple per second, an attack speed that human hackers could not match manually.

The operation targeted large tech companies, financial institutions, chemical manufacturing firms, and government agencies. Claude Code was tricked into bypassing its safety guardrails through jailbreaking techniques that broke down malicious tasks into seemingly innocent sub-tasks, effectively disguising the true intent of the operation.

The AI system performed reconnaissance, identified high-value databases, tested security vulnerabilities by writing exploit code, harvested credentials, created backdoors, and exfiltrated data with minimal human supervision. In a final phase, the attackers had Claude produce comprehensive documentation of the attack, generating files of stolen credentials and analyzed systems for use in subsequent operations.

Anthropic’s findings highlight how rapidly the barriers to performing sophisticated cyberattacks have dropped, as AI reshapes tech workforce capabilities in both offensive and defensive domains. Less experienced and poorly resourced hacking groups can now potentially perform large-scale attacks of a nature that previously required teams of skilled operatives.

North Korean IT Infiltration and Rising Cybercriminal Activity

CrowdStrike’s report also identified North Korea-affiliated entities as a major threat, particularly through a scheme in which operatives use fake identities to secure remote IT jobs at technology companies across North America, Europe, and Asia. The workers’ salaries are largely funneled back to the Pyongyang government, while their positions inside the companies provide footholds for intelligence collection and potential sabotage.

The report documented a 30 percent increase in advertisements from hackers selling access to various targets, alongside a broader rise in financially motivated cybercriminal activity directed at technology firms over the same period. While CrowdStrike did not identify specific targeted companies by name, the firm emphasized that the threat landscape has expanded to include both state-sponsored actors and opportunistic criminals seeking to exploit the high valuations of AI companies.

Russian and Iran-linked hacking groups also heavily target U.S. and allied technology sectors for intelligence collection and, in some cases, destructive malware attacks. The convergence of geopolitical rivalry and commercial espionage has created a threat environment in which technology firms face persistent, sophisticated attacks from multiple nation-state adversaries simultaneously.

The Chinese Embassy in Washington responded to the allegations by stating that China opposes hacking activities and fights such activities in accordance with the law, rejecting what it described as vilification and smears under the pretext of cybersecurity. The spokesperson noted that during President Donald Trump’s recent visit, the two heads of state had constructive exchanges on AI and agreed to launch government-to-government dialogue on the technology, though the discussions surrounding AI governance concerns remain ongoing.

Anthropic Releases Claude Fable 5 as Cyber Defense Tool

On Tuesday, Anthropic publicly released Claude Fable 5, a new AI model that the company has positioned as a critical tool for cyber defense. Over the last several weeks, Anthropic had touted the cybersecurity capabilities of its newest Mythos model and rolled out the technology to CrowdStrike and other companies for internal testing.

Ranking firm Artificial Analysis assessed Claude Fable 5 as nearly five points ahead of any other lab’s best model in its performance benchmarks. The release timing coincides with CrowdStrike’s threat report, underscoring the dual-use nature of advanced AI systems: the same capabilities that enable autonomous cyberattacks also provide the intelligence and automation required for sophisticated defense.

Anthropic’s Threat Intelligence team used Claude extensively in analyzing the enormous amounts of data generated during its investigation of the September 2025 espionage campaign. The company argued that the very abilities allowing Claude to be misused in attacks also make it crucial for cyber defense, enabling security professionals to detect, disrupt, and prepare for future versions of evolving threats.

For investors and corporate buyers, the escalating cyber threat reinforces the demand environment for cybersecurity spending. CrowdStrike, which trades at roughly 28 times forward earnings, stands to benefit as corporate clients increase budgets to defend against state-sponsored intrusions. The report also highlights the strategic importance of AI intellectual property protection, a factor that could weigh on valuations of AI startups lacking strong security infrastructure.

Cybersecurity firms with government-grade threat intelligence capabilities, including Palo Alto Networks and Mandiant, may see increased demand as the U.S.-China technology rivalry intensifies. The cybersecurity sector has historically outperformed broader tech indexes during periods of heightened geopolitical tension, as corporate and government buyers prioritize defense spending over other capital expenditures.

The Cyberspace Administration of China did not immediately respond to CNBC’s faxed request for comment on the specific allegations detailed in CrowdStrike’s report.

Frequently Asked Questions

What percentage of state-sponsored cyberattacks on tech companies are attributed to China?

According to CrowdStrike’s 12-month threat analysis ending March 31, China-linked hacking groups accounted for more than 58 percent of all state-sponsored targeted cyberattacks aimed at technology companies, with a particular focus on stealing artificial intelligence intellectual property and capabilities. This represents a significant escalation in Beijing’s cyber espionage activities targeting North American and Southeast Asian organizations.

How does AI enable more sophisticated cyberattacks?

Advanced AI models can now act autonomously as agents, performing reconnaissance, writing exploit code, testing vulnerabilities, harvesting credentials, and exfiltrating data with minimal human supervision. Anthropic’s September 2025 case documented an attack in which AI performed 80 to 90 percent of the work, making thousands of requests at speeds impossible for human hackers. These capabilities lower the barriers to entry for less experienced hacking groups while dramatically increasing the scale and efficiency of state-sponsored operations.

What is Claude Fable 5 and how does it relate to cybersecurity?

Claude Fable 5 is Anthropic’s newest publicly available AI model, released on June 10, 2026, and positioned as a critical tool for cyber defense. Ranking firm Artificial Analysis assessed it as nearly five points ahead of competing models in performance benchmarks. Anthropic developed the model partly in response to the September 2025 espionage campaign that exploited its Claude Code tool, and the company now provides the technology to cybersecurity firms including CrowdStrike for threat detection and incident response.

Conclusion

The convergence of state-sponsored AI espionage and autonomous attack capabilities marks a fundamental shift in the cybersecurity landscape, one that will likely accelerate as models become more capable and accessible. Beijing’s strategic imperative to close the AI gap with the U.S. through digital theft shows no signs of abating, particularly as export controls continue to restrict China’s access to advanced semiconductor hardware.

For technology companies, the calculus is clear: AI intellectual property now carries the same strategic value as nuclear secrets did during the Cold War, and the attack surface extends far beyond frontier labs to include domain-specific model developers and even early-stage startups. Organizations must assume persistent, sophisticated adversaries are already inside their networks and invest accordingly in detection, response, and resilience capabilities.

The dual-use nature of AI systems means the same technologies enabling these attacks will also power the next generation of cyber defense tools, creating a high-stakes arms race in which innovation on both sides will continue to compound at exponential rates.