- Threats concentrated on firms involved in computer hardware and technology, IT services and consulting, semiconductors, and software
China-linked hacking groups represented the most significant espionage threat to technology companies over the past year, according to a new report from cybersecurity firm CrowdStrike published Tuesday, as surging investment in artificial intelligence draws intensified targeting.
The campaigns tracked by CrowdStrike aligned with Beijing’s strategic priorities, reflecting sustained interest in technology development, intellectual property, and information with economic and strategic value, the firm said.
The report did not name specific victim companies.
Technology remained the most targeted industry by both state-backed and criminal actors, with threats concentrated on firms involved in computer hardware and technology, IT services and consulting, semiconductors, and software.
AI race
The findings, covering April 1, 2025 to March 31, 2026, come amid frothy valuations and investment in AI-related companies. “There is an AI arms race occurring between the US and China, and China intends to achieve global dominance by 2030,” said Adam Meyers, CrowdStrike’s senior vice president and head of counter adversary operations, citing risks to major frontier labs and smaller, domain-specific model developers.
On April 23, the White House Office of Science and Technology Policy accused China-based entities of conducting “deliberate, industrial-scale campaigns” to surreptitiously distill US-developed AI models for their own purposes, highlighting one recent example.
The Chinese Embassy in Washington dismissed the report. “China opposes hacking activities and fights such activities in accordance with the law,” a spokesperson said, rejecting “vilification and smears under the pretext of cybersecurity.”
The spokesperson added that China and the US should cooperate on AI development and governance, noting that during former President Trump’s recent visit “the two heads of state had constructive exchanges on AI and agreed to launch government-to-government dialogue on AI.”
CrowdStrike also warned that North Korean operations “posed a major threat,” including schemes in which operatives use fake identities to obtain remote IT jobs at technology companies—siphoning salaries to Pyongyang while creating footholds for intelligence collection. Russian- and Iran-linked groups continued to target US and allied technology sectors for espionage and, at times, destructive malware activity.
Financially motivated cybercriminals intensified efforts against tech firms over the same period, the report said, noting a 30 per cent rise in advertisements offering illicit access to corporate targets.
