CrowdStrike Names Chinese Hackers Top Espionage Threat to Tech Firms Amid AI Boom

CrowdStrike released a report on June 9, 2026, showing Chinese-affiliated hackers accounted for the largest share of cyber espionage targeting technology companies over the year ending March 31, 2026 ^{[1, 2, 3, 4, 5, 6]}. Chinese-linked cyberattacks made up more than 58% of state-sponsored intrusions against tech firms, especially those focused on artificial intelligence (AI) assets ^{[7, 6]}.

The hacking campaigns aligned closely with Chinese government strategic interests, aiming to acquire technology development knowledge, intellectual property, and sensitive economic data ^{[1, 2, 3, 4, 5, 6]}. Key targets included companies in computer hardware research and development, IT services, semiconductors, and software—areas critical to the future of technology innovation ^{[1, 2, 3, 4, 5]}. AI-related firms were singled out as high-value targets amid surging investment and valuations in the AI sector ^{[1, 2, 3, 4, 5]}.

CrowdStrike identified specific Chinese hacking groups such as SUNRISE PANDA, MURKY PANDA, and WARP PANDA, active across East Asia, Southeast Asia, and North America, targeting tech organizations ^[6]. Adam Meyers, CrowdStrike senior vice president, said, "There is an AI arms race occurring between the US and China, and China intends to achieve global dominance by 2030" ^[1].

U.S. restrictions on China's access to AI training chips have increased Chinese efforts to steal AI technology and intellectual property to compensate for domestic shortages ^{[7, 6]}. CrowdStrike stated, "China-nexus adversaries are escalating espionage against technology organizations to steal the AI capabilities and intellectual property they cannot build fast enough on their own" ^[7].

Other nation-state actors also threatened tech firms. North Korean hacking campaigns posed major espionage risks by using fake identities to secure remote IT jobs and funnel earnings back home ^{[1, 2, 3, 4, 5, 6]}. Former FBI agent Stephanie Talamantez warned North Korean groups are "extremely persistent, dangerous, and increasingly rely on sophisticated social engineering tactics" ^[6]. U.S. officials say North Korean hackers stole over $2 billion in cryptocurrency in 2025 to fund weapons and missile programs ^[6]. Russian and Iranian-aligned groups continued to pressure the sector with espionage and occasional destructive malware attacks ^{[2, 3, 4, 5]}.

The Chinese Embassy in Washington rejected the report as a political smear, stating, "China opposes hacking activities and fights such activities in accordance with the law, and rejects vilification and smears under the pretext of cybersecurity" ^{[1, 2, 3, 4, 5]}.

The report covered the period from April 1, 2025, to March 31, 2026 ^{[1, 7]}. The White House Office of Science and Technology Policy previously accused China-based entities of large-scale AI model theft in April 2026 ^[1].

CrowdStrike's findings are publicly available following the report's release on June 9, 2026 ^{[1, 2, 3, 4, 5, 6]}.