China-linked hackers were responsible for more than 58% of all state-sponsored targeted intrusions against technology companies in the 12 months ending March 31, 2026, with artificial intelligence assets as the primary objective, CrowdStrike said in its 2026 Technology Threat Landscape Report released June 9.

Adam Meyers, CrowdStrike’s senior vice president for counter adversary operations, said the scope of the threat spans frontier AI laboratories and smaller domain-specific model developers. “There is an AI arms race occurring between the U.S. and China, and China intends to achieve global dominance by 2030,” Meyers said.

The finding follows a White House Office of Science and Technology Policy memo on April 23 accusing China-based entities of conducting “deliberate, industrial-scale campaigns” to distill U.S.-developed AI models, repeatedly querying them to extract capabilities and train cheaper domestic replicas.

North Korean actors posed a parallel threat through volume. The Famous Chollima hacking group accounted for 47% of all government-linked hands-on-keyboard intrusions targeting technology firms, embedding operatives through AI-generated deepfake identities and fraudulent credentials to secure remote IT employment.

North Korean cyber actors stole $2 billion in digital assets during 2025, including $1.46 billion taken from cryptocurrency exchange Bybit in the largest crypto theft on record.

The Five Eyes intelligence alliance issued a joint bulletin on June 3 warning that Chinese intelligence services were using professional networking platforms such as LinkedIn to recruit individuals with access to sensitive government and technology data.

The Chinese Embassy in Washington called the CrowdStrike findings “vilification and smears under the pretext of cybersecurity.”

Cybercrime accounted for 65% of all attacks on the technology sector during the period, with dark-web listings of compromised technology organizations rising nearly 30% to 277 companies.