White House memo claims mass AI theft by Chinese firms

Chinese AI theft: White House memo details $700bn stolen tech, 200 Beijing groups named

Sarah Mills | GlobalBeat

A White House memo Monday accused more than 200 Chinese companies of systematically stealing American artificial intelligence technology worth $700 billion across military, medical and commercial sectors.

The unclassified briefing, circulated to all federal agencies, identified state-backed hacking units and civilian contractors funneling source codes, chip designs and training data to Beijing’s domestic AI champions over the past decade.

The disclosure arrives days before President Donald Trump completes a pending executive order imposing automatic export bans on the blacklisted firms and barring U.S. venture funds from their cap tables. Commerce Secretary Sean Doolittle told reporters “the theft is industrial scale” and vowed “to choke off the pipeline.”

The 14-page summary, reviewed by GlobalBeat, lists cloud providers like Kingsoft, surveillance giant CloudWalk and fledgling Lab51 alongside research arms of the People’s Liberation Army. Treasury analysts concluded the siphoned IP accelerated China’s LLM programs by four to six years and narrowed the Pentagon’s tech lead at a “strategic cost to coalition forces,” the memo said.

Chinese foreign ministry spokesperson Lin Jian dismissed the allegations Tuesday as “fabricated stories aimed at commercial suppression,” but offered no rebuttal of the data cited. The ministry said Beijing would “take necessary countermeasures” yet did not specify retaliation.

Senate Intelligence Chair Marco Rubio called the filing “the most comprehensive map of Chinese AI espionage we have published,” and urged allies to mirror the blacklist. Brussels signaled it might adopt parallel curbs by June. London remained silent, prioritizing a pending trade visit by a delegation that includes several of the implicated firms.

THE HACKS AND HOW THEY WORKED

Investigators traced intrusions to a cluster of front firms registered in Shenzhen that paid contractors zero-day bounties for weaknesses in U.S. model repositories such as Hugging Face and GitHub. After entry, operatives used API spoofing to copy not only code but entire weight matrices and inference logs, the memo said. One breach at a Boston biotech yielded a multimillion-row patient dataset later resold to a Beijing hospital training radiology algorithms.

FBI Director Daniel Prieto said indictments would follow within 30 days against 17 named hackers, most allegedly connected to the PLA’s Unit 68020. Previous U.S. prosecutions have yielded no extraditions; Beijing refuses to hand over its citizens, citing sovereignty.

Market impact surfaced almost immediately. Shares in Nvidia, AMD and Arm fell 3-5% on fears export curbs would crimp global data-center upgrades. Kingsoft surrendered 8% in Hong Kong, while CloudWalk halted trading after its bondholder, Citic Group, froze new credit lines.

BACKCHANNEL WITH SILICON VALLEY

The Treasury quietly asked Andreessen Horowitz, Sequoia and General Atlantic to compile their exposure to 37 Chinese LLM startups by Friday, said a partner who received the letter. Several firms are considering divesting at pennies on the dollar, the person added, fearing secondary sanctions on compliance officers.

Venture lobby NVCA urged the administration to clarify safe-harbor rules for existing stakes rather than “pull the rug from whole portfolios,” president Vance Vanderslice told reporters. No response has come from the White House.

TECH GIANTS ALREADY RESTRUCTURING

Microsoft began rerouting Azure servers out of Hong Kong last month, two employees confirmed, preparing for possible retaliation against U.S. data centers. Amazon has accelerated Project Redwood, a classified plan to shift AWS inference nodes for defense clients to hardened sites in Oregon and Ohio.

Apple, which uses Yangtze Memory chips, has frozen new procurement while engineers audit firmware for “suspicious telemetry,” a person familiar with the review said. The company declined to comment on the record.

WHAT THE SPYING ACCELERATED

Stolen medical models helped China fast-track a computer-vision diagnostic approved 18 months earlier than originally forecast, according to the memo. Military simulations lifted by hackers shaved estimated development time for drone swarm coordination software from five years to 30 months, Pentagon officials told the White House.

CloudWalk, already sanctioned for its Xinjiang facial-recognition contracts, allegedly tested the lifted data on Uyghur populations without anonymization, a finding likely to spark further human-rights complaints in Congress.

ALLIES DIVIDED

Japan banned 12 small Chinese AI suppliers from government contracts in February but has yet to act against bigger players. A senior official at METI said Tokyo must weigh impact on automakers that source mapping algorithms in China. Canada signaled interest in coordinated curbs, yet public consultation could delay action until 2027.

EU Digital Commissioner Henna Virkkunen said Brussels is “carefully studying” the memo but wants independent forensic verification, wary of being drawn into a U.S. election-year maneuver.

< h2 >Background< /h2 >

Washington has charged Chinese hackers with commercial espionage since 2014, when five PLA officers were indicted for stealing steel and solar blueprints. The tempo accelerated after China’s 2017 National Intelligence Law required citizens to cooperate with state data requests, blurring lines between corporate R&D and security apparatus.

Escalation reached new heights in 2022 when Washington banned exports of advanced GPUs to 28 Chinese supercomputing centers over Ukraine-linked cyber operations. Beijing’s AI sector responded by accelerating domestic wafer fabrication; domestic 7-nm chips are now sampling, though still two generations behind U.S. leaders.

< h2 >What’s Next< /h2 >

Trump must sign the promised order before his state visit to Tokyo next week or risk appearing distracted by domestic legal battles. Commerce officials told GlobalBeat enforcement will begin “on signature” with license revocations for any U.S. supplier still shipping EDA tools or GPU clusters to the listed companies, a move expected to ignite further volatility in semiconductor shares.

The broader implication is a growing balkanization of AI supply chains. Western model-builders may create “clean-data treaties” with allies while Beijing accelerates its own open-source standards, shrinking the once global market for algorithms into mutually distrustful blocs that force investors, developers and even researchers to pick sides.