Chinese hackers are increasing cyberattacks aimed at stealing advanced artificial intelligence technology in the United States, according to a report by the security company CrowdStrike.
The goal of the targeted technology theft is to boost China’s development of AI in its battle against U.S. AI development programs, the report said.
“China-nexus adversaries are escalating espionage against technology organizations to steal the AI capabilities and intellectual property they cannot build fast enough on their own,” the company said in a statement.
Chinese hackers were linked to more than 58% of state-sponsored targeted cyberattacks aimed at tech companies, especially seeking access to targeted AI assets, the CrowdStrike report said.
American restrictions on China’s access to advanced AI microchips have limited Beijing’s development, while indigenous AI models are attempting to lower costs.
China-linked cyberattacks targeted government communications in Southeast Asia and “maintained persistent access” to North American tech organizations by taking advantage of vulnerabilities, the report said.
Beijing government-linked hacking groups are stealing valuable AI technology through a variety of cyberoperations code-named Murky Panda, Mustang Panda, Overcast Panda and Sunrise Panda and Warp Panda, each focused on different hacking methods.
“Murky Panda’s password-spraying campaign alone impacted more than 340 U.S.-based entities,” the report said.
Password spraying involves cyberattacks by hackers using a single, commonly used password against many different user accounts, rather than trying multiple passwords against a single account.
The method avoids triggering automatic account lockouts while finding weak access credentials.
“China runs cyberespionage as industrial policy to try to close the AI innovation gap, demonstrating that AI capabilities are the prize adversaries are after,” said Adam Meyers, head of counter-adversary operations at CrowdStrike.
“Whether you’re building AI or adopting it, security has to be built in from the start.”
The report also said North Korea is using AI and U.S. front companies to obtain remote access in technology companies.
North Korean hackers used “AI-enhanced personas” for the operations and CrowdStrike research said Pyongyang cyber operations channeled illicit revenue directly into North Korean weapons programs.
