A Chinese government-sponsored group attempted to carry out the first known espionage campaign with artificial intelligence leading the way, a groundbreaking moment for the future of cyber warfare.
Artificial intelligence company Anthropic, known for its advanced chatbot Claude, released a report Thursday on an unprecedented hacking campaign by a Chinese-sponsored group to manipulate Claude into infiltrating dozens of targets.
“In mid-September 2025, we detected a highly sophisticated cyber espionage operation conducted by a Chinese state-sponsored group we’ve designated GTG-1002 that represents a fundamental shift in how advanced threat actors use AI,” the Anthropic report reads.
“Our investigation revealed a well-resourced, professionally coordinated operation involving multiple simultaneous targeted intrusions. The operation targeted roughly 30 entities and our investigation validated a handful of successful intrusions.”
Anthropic cooperated with authorities and launched its investigation immediately upon discovering the attempted espionage. The company’s report goes into detail about each stage of the AI-powered attack and issues a warning about the need for common-sense AI safeguards.
The humans involved with the attack largely acted in supervisory roles for Claude. The perpetrators manipulated Claude into performing the cyber attack to the point where Claude conducted an estimated 80-90 percent of the work independently, Anthropic’s report concludes.
The attackers took advantage of AI models’s newer capabilities in general intelligence, independent agency, and usage of software tools. Across each phase of the attack, Claude showed “extensive autonomous capability” and handled complex tasks for multiple days in a row.
“Anthropic’s report today proves what has long been clear to many leading national security experts: advanced AI systems have the potential to be a dangerous weapon in the arsenal of those wishing to launch sophisticated espionage, manipulation and malign influence attacks,” said Hamza Chaudhry, an AI and national-security expert with the Future of Life Institute, a think tank that supports AI safety.
“While the attack identified in the report seems to have been orchestrated by a state-backed group, over time these models will allow adversarial actors with fewer and fewer resources to launch espionage attacks targeting anyone, in any language, with minimal human input and across video, audio, and text.”
Claude’s work on the cyber attack would have taken significant amounts of time for a human team to pull off, as shown by the fact that it made thousands of requests per second. The only blemishes for Claude were its occasional hallucinations of credentials and its claims to have extracted information that was already publicly available.
Anthropic’s report argues Claude’s offensive abilities demonstrate the need to use it for cyber defense. The firm’s goal for Claude is for it to be used as a tool for cybersecurity professionals to prevent attacks, rather than an offensive weapon for malicious actors. Claude was used by Anthropic’s threat intelligence team to analyze the expansive amount of data gathered for the investigation.
“China has shown time and again it will use the most cutting-edge technology to attack Americans in cyber space. These latest attacks are just one more example of Beijing using state-backed resources and stolen American innovation to sow chaos and further their authoritarian ambitions,” said Representative John Moolenaar (R., Mich.), chairman of the House Select Committee on the Chinese Communist Party.
Cyber espionage is a common tactic for the Chinese Communist Party in its quest to gain an upper-hand against the U.S. in cutting-edge technology and intelligence. CCP-backed espionage is widely considered a leading national-security threat and is the subject of numerous federal investigations and prosecutions.
The campaign against Claude and Anthropic will become another focal point in ongoing debates about AI guardrails and American competition against China in AI advancement. AI chipmaking leader Nvidia opposes further exports controls on AI chips and has been pushing the Trump administration to allow it to send advanced chips to China. Nvidia’s advocacy has drawn sharp criticism from China hawks wary of allowing China to gain access to America’s latest AI breakthroughs.
“This news is unfortunately predictable. We have been warning about the CCP weaponizing AI against The United States for some time. These attacks could become much worse as AI advances in capabilities,” said Brendan Steinhauser, CEO of the Alliance for Secure AI.
“This underscores why we should not send our highest performing chips to our adversaries. Our national security depends upon it.”
AI safety is emerging as a bipartisan movement in Washington and at the state level in order to enact baseline safeguards for AI usage.
Anthropic’s report voices similar sentiments for cybersecurity experts. The company is imploring them to invest more into experimenting with AI in different facets of cyberdefense. For the AI industry, Anthropic believes it is necessary for companies to continue investing in safeguards for AI platforms.
By National Review – https://www.nationalreview.com/news/chinese-sponsored-group-pioneers-new-hacking-tactic-ai-driven-cyber-warfare/
