Michael Kratsios, director of the White House Office of Science and Technology Policy, issued a formal warning on April 23, 2026, regarding a large campaign to siphon artificial intelligence secrets. Documents released by the executive branch describe a systematic effort by foreign actors to bypass security protocols at leading American laboratories. Officials identified China as the primary designer of these operations, which target the underlying architecture of generative systems. Intelligence reports indicate that these entities use sophisticated methods to bypass the safety filters intended to prevent unauthorized access to proprietary data sets. Private-sector research indicates that the cost of developing these frontier models often exceeds $200 billion per cycle.

Washington now characterizes this activity as theft of historic magnitude. Evidence gathered by federal agencies suggests that state-sponsored actors are not merely seeking to copy software, but are attempting to recreate the logic of the most advanced neural networks in existence. Intelligence officers discovered that foreign agents have established a labyrinthine network of digital infrastructure to mask their origin. These operations often originate from servers scattered across multiple continents to evade detection by standard cybersecurity monitoring tools. National security officials believe the primary objective is to achieve parity in machine learning capabilities without the huge capital expenditure required for original research.

Direct attribution for these attacks points toward coordinated groups operating with high levels of technical proficiency. Kratsios detailed the mechanics of the theft in a memo addressed to technology leaders and congressional committees. According to the document, the process involves querying American AI systems with specific, high-volume prompts designed to reveal the internal weighting and algorithmic preferences of the software. This technique allows an attacker to build a clone that mimics the performance of the original model at a fraction of the cost. Federal investigators found that thousands of specialized accounts were created to enable this data extraction over the last 18 months.

Kratsios Announces Global AI Theft Network

Administrative records show that the OSTP has been monitoring these irregularities since the previous fiscal year. Kratsios noted that the scale of the operation suggests a level of organization that exceeds the capacity of independent criminal organizations. Analysts at the White House suggest that the theft is designed to strengthen domestic industries in competing nations by providing them with a shortcut to advanced automation. Such actions threaten the competitive advantage that American firms have maintained in the global tech sector. The memo asserts that the stolen information is being funneled directly into state-controlled laboratories for rapid implementation in military and economic applications.

Kratsios wrote in his memo: "The U.S. government has learned Chinese entities are leveraging thousands of proxy accounts to distill frontier artificial intelligence models from US companies."

Detection systems struggled to identify the intrusion because the attackers used legitimate-looking API calls to extract information. These requests were spaced out to appear like normal user behavior, avoiding the red flags typically raised by bulk data transfers. Forensic analysis by the White House revealed that the attackers prioritized models capable of reasoning and complex problem-solving. These specific capabilities are essential for everything from autonomous weapons systems to pharmaceutical breakthroughs. Security experts at the Department of Energy have confirmed that several high-performance computing centers were probed as part of this campaign.

China Uses Proxy Accounts for Model Extraction

Beijing denies these allegations, but the digital trail points toward specific regions known for state-sponsored hacking initiatives. Kratsios emphasized that the use of proxy accounts serves to insulate the central government from direct blame. By using third-party contractors and shell companies, the perpetrators create layers of plausible deniability. Documentation provided to the Senate Intelligence Committee lists specific IP address ranges associated with these activities. Most of these addresses were registered to entities that do not physically exist at their listed locations. Investigations into these shell companies revealed ties to larger holding firms with connections to foreign defense ministries. This concern echoes recent industry developments regarding the deployment of secure frontier artificial intelligence models by major tech firms.

Model distillation, the core technical method used in this theft, involves training a smaller student model to imitate the behavior of a larger teacher model. This method reduces the need for the vast quantities of raw data and electricity required to build a model from scratch. By siphoning the outputs of American systems, foreign entities can effectively reverse-engineer the proprietary logic of the software. Kratsios indicated that this process sharply narrows the technological gap between the United States and its rivals.

The Office of Science and Technology Policy warns that if this continues, the timeline for foreign competitors to reach AI maturity will be cut by several years. Current estimates suggest that the theft has already saved the perpetrators billions of dollars in research and development expenses.

Technical Barriers Fail Against Industrial Scale Siphoning

Existing firewalls and usage limits proved insufficient to stop the coordinated barrage of queries. Kratsios noted that the attackers exploited the open nature of commercial AI interfaces to their advantage. Companies often provide public access to their models to encourage innovation, but this openness created a vulnerability that was ruthlessly exploited. While Bloomberg suggests the theft was concentrated on a few high-profile firms, Reuters' sources claim the breach affected nearly every major AI developer in the Silicon Valley corridor. Internal logs from several tech giants show a spike in suspicious activity coinciding with the dates mentioned in the Kratsios memo.

One specific instance involved an automated script that made over one million calls to a single API within a 48-hour period.

Standard defensive measures, like rate limiting, were bypassed by rotating through thousands of different user identities. Each account stayed just below the threshold for automatic suspension. This precision indicates a deep understanding of the internal security mechanisms of American tech companies. Kratsios argued that this level of insight could only come from prolonged observation or insider knowledge. The memo calls for a total overhaul of how AI companies verify the identity of their users. Federal guidelines may soon mandate stricter “Know Your Customer” protocols for all entities accessing frontier AI models. Such a shift would require serious changes to the current business models of many software firms.
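A detection sketch for the evasion pattern described above, added here as an example and not taken from the memo or any vendor's system: because each identity stays under the per-account limit, the check looks for a cohort of accounts whose hourly volume sits steadily just below that limit. The limit, band and cohort values and the log records are constructed assumptions.

```python
from collections import defaultdict
from statistics import mean, pstdev

HOURLY_LIMIT = 1000   # assumed per-account suspension threshold (requests/hour)
NEAR_BAND = 0.85      # "just below": average of at least 85% of the limit
MIN_HOURS = 6         # require sustained behaviour, not a single busy hour
MAX_CV = 0.05         # coefficient of variation; organic usage is far burstier
MIN_COHORT = 3        # accounts needed before the pattern counts as coordinated

def near_threshold_accounts(records):
    """records: iterable of (account_id, hour, request_count) tuples."""
    per_account = defaultdict(list)
    for account, _hour, count in records:
        per_account[account].append(count)
    flagged = {}
    for account, counts in per_account.items():
        if len(counts) < MIN_HOURS or max(counts) >= HOURLY_LIMIT:
            continue  # too little data, or the ordinary limiter already fired
        avg = mean(counts)
        # Steady volume pinned under the limit is the signal, not volume alone.
        if avg >= NEAR_BAND * HOURLY_LIMIT and pstdev(counts) / avg <= MAX_CV:
            flagged[account] = avg
    return flagged

def cohort_alert(records):
    """Aggregate view: combined volume of the flagged accounts."""
    flagged = near_threshold_accounts(records)
    combined = sum(flagged.values())
    return {
        "accounts": sorted(flagged),
        "combined_hourly": round(combined),
        "alert": len(flagged) >= MIN_COHORT and combined > HOURLY_LIMIT,
    }

def sample_records():
    """Constructed log data: four pinned accounts plus two ordinary ones."""
    records = []
    for i in range(4):
        for hour in range(8):
            records.append((f"acct-proxy-{i}", hour, 960 + (hour * 7 + i * 3) % 30))
    for hour, count in enumerate([12, 0, 340, 5, 980, 40, 0, 75]):
        records.append(("acct-user-a", hour, count))      # bursty interactive user
    for hour, count in enumerate([700, 950, 400, 990, 620, 880, 300, 910]):
        records.append(("acct-batch-b", hour, count))     # heavy but irregular job
    return records

if __name__ == "__main__":
    print(cohort_alert(sample_records()))
```

The per-account limiter never fires on this data, yet the four flagged accounts together draw nearly four times the volume a single identity is allowed.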

White House Mobilizes to Protect AI Infrastructure

National security directives are now being drafted to address the vulnerabilities highlighted by Kratsios. The White House intends to collaborate with the private sector to develop more resilient defenses against model distillation. Proposed measures include the implementation of watermark-based detection for model outputs, which would make it easier to identify stolen logic. Government agencies are also considering export controls on the hardware used to run these large-scale inference operations. Kratsios suggested that protecting the intellectual property of AI firms is now a matter of sovereign importance. The administration is also looking at the possibility of sanctioning the specific foreign laboratories identified in the intelligence reports.

International partnerships will matter in the upcoming defense strategy. Kratsios plans to coordinate with allies in the UK and EU to establish a unified front against technological espionage. Shared intelligence could help identify proxy networks before they become fully operational. The memo highlights that the theft is not an isolated incident but part of a broader trend of aggressive technology acquisition. Officials believe that the security of democratic institutions depends on maintaining a lead in the development of trusted artificial intelligence. Recent briefings indicate that the Department of Justice is preparing indictments against several individuals suspected of managing the proxy account networks.

The Elite Tribune Strategic Analysis

National security doctrine rarely survives the first contact with decentralized, algorithmically driven espionage. The Kratsios memo confirms a reality that many in the tech sector have whispered about for years: the American AI lead is a fragile house of glass built on open-access foundations. For too long, the US government has allowed private companies to prioritize market share over the integrity of the nation's most critical intellectual property. The failure is not a matter of technical inadequacy but a lack of political will to treat code with the same reverence as nuclear secrets. China is not merely playing the game; they are rewriting the rules by turning American openness into a weapon of rapid industrialization.

The evidence shows the largest transfer of wealth and power in the 21st century happens through API calls. The White House response, while firm in tone, arrives late to a battlefield that has already been saturated by adversarial actors. Implementing "Know Your Customer" rules and watermarking are band-aids on a severed artery. If the administration wants to preserve the American edge, it must move beyond reactive memos and toward a regime of aggressive digital containment. The era of the borderless internet for high-consequence technology has ended. Anything less than a hard decoupling of AI infrastructure from adversarial reach is a surrender by another name. Fortress or failure.