China-linked actors targeted tech firms for AI IP
CrowdStrike found China-linked groups targeted tech firms from April 2025 to March 2026 to steal AI models, datasets and chip designs tied to Beijing’s 2030 AI goal.
CrowdStrike tracked state-linked cyber activity from April 2025 to March 2026 and found China-linked actors were responsible for more than 58% of state-sponsored targeted intrusions against the technology sector. The report states those actors targeted firms to obtain AI intellectual property to support Beijing’s aim for AI self-sufficiency and global AI leadership by 2030.
The company identified several groups active in the campaigns, including MURKY PANDA, MUSTANG PANDA, OVERCAST PANDA, SUNRISE PANDA and WARP PANDA. One operation by MURKY PANDA used password spraying and affected more than 340 U.S.-based entities. The report noted that attackers focused on companies where core AI development and related IP are concentrated.
Targeted assets included AI models, proprietary datasets and specialized chip designs. The report states those assets can be applied to military modernization, economic development and intelligence collection. Password spraying and credential harvesting remained common entry methods in the incidents the firm tracked, and compromises at development firms created routes into customer environments.
CrowdStrike linked the increase in targeting to China’s industrial-policy push for technological self-reliance and cited drivers such as U.S.-China economic decoupling, tighter sanctions and economic espionage. The company expects China-linked groups to continue prioritizing technology targets for at least the next year.
Adam Meyers, head of counter-adversary operations at CrowdStrike, said: “China runs cyberespionage as an industrial policy to try to close the AI innovation gap, demonstrating that AI capabilities are the prize adversaries are after. Whether you’re building AI or adopting it, security has to be built in from the start.”
Industry and policy responses are already under way. Some technology firms are increasing spending on defensive measures. U.S. policymakers are discussing export controls and restrictions on chip smuggling, offshore data centers and model distillation. Anthropic estimates such controls could preserve a U.S. lead by 12 to 24 months if enforced effectively.
The report recommends that organizations building or adopting AI embed security during model development and protect datasets and the infrastructure that supports training and inference. It also warns that access to technology firms can raise supply-chain compromise risks and expose customer environments and training data.








