AI developers hiring quickly to keep pace with market demand are struggling with a new threat: spies and employees looking to steal company secrets.

Why it matters: U.S. artificial intelligence companies are likely already prime targets for nation-state adversaries' espionage campaigns.

• Experts predict that AI developers will become even bigger targets than chip manufacturers and biotechnology companies.

Driving the news: This month, the U.S. Department of Justice indicted a former Google software engineer on charges of stealing AI technology secrets and sharing them with two Chinese companies.

• Linwei Ding is believed to have started stealing these secrets in 2021, shortly after being offered a chief technology officer role at a Chinese AI startup, per the indictment.

The big picture: The AI sector in the U.S. is currently more advanced than it is in other countries.

• Unlike in the semiconductor manufacturing business, where spies have also targeted leading companies throughout Southeast Asia and Europe, the U.S. doesn't face much global competition yet.
• But this advantage places more pressure on U.S. technology companies to track and detect insider threats — which can include international spies posing as employees and employees being pressured into spying by their authoritarian home countries.

What they're saying: "What has been happening ... in the semiconductor industry over the past five years, I suspect that is what the future looks like for AI over the next five years," Gregory Allen, a former policy official at the Defense Department's Joint Artificial Intelligence Center, told Axios.

• "There definitely are organizations that don't take this seriously, but it is such a difficult problem that even the ones that do take it seriously are still being successfully hacked and exploited," he added.

Between the lines: While larger AI developers like Google and Microsoft have invested in counter-espionage programs for years, the new crop of AI startups is in a different position.

• "What I've found in some of those instances where I've given a talk or counseled people [at smaller companies] is that they just haven't thought about it at all," John Carlin, a partner at law firm Paul Weiss and former Trump and Biden DOJ official, told Axios.
• This is particularly true for venture-backed companies facing investor pressure to quickly launch their products, he added.

Catch up quick: The Biden administration has been pouring resources into tackling industry espionage as AI developments evolve.

• Last year, the DOJ and the Department of Homeland Security stood up a strike force to investigate illegal theft and exports of U.S. technologies to Russia, China and Iran.

The intrigue: Stolen U.S. AI trade secrets can be used faster than the information stolen from chip manufacturers and biotechnology companies.

• Even if someone steals trade secrets from a chip manufacturer, they still need additional resources to build that hardware, Andrew Grotto, a former Trump and Obama White House cyber official, told Axios.
• "AI's different; it's code, and those innovations can be repurposed pretty rapidly," he said.

Zoom out: Insider threats and espionage are only a sliver of the cybersecurity threats AI companies are facing.

• Others include malware, data model theft, and AI training data poisoning, according to Matt Keating, a principal in consulting firm Booz Allen Hamilton's AI practice.

Yes, but: Safeguarding against all insider threats is a nearly impossible task for all companies, Brandon Pugh, policy director for cybersecurity and emerging threats at the R Street Institute, told Axios.

• "Short of having a camera that is always watching employees or doing checks every time they leave the building, that stuff is hard to catch," Pugh said. "There really is no perfect solution."

The bottom line: Some of the most effective mitigations against insider threats and espionage don't have to be costly, Carlin said.

• He recommended AI developers start by taking inventory of the proprietary data in their systems and who has access to it.
• Regional FBI offices will also brief AI developers on the insider threats their specific company could be facing, Carlin added.

Two new cybersecurity partnerships unveiled at Nvidia's developers conference this week highlight the growing interest in chip security.

Why it matters: Generative AI tools require a set of chips that can quickly and efficiently process large data loads — and those chips come with their own set of cybersecurity concerns.

• The new cybersecurity partnerships are some of the first to tackle this issue in the new era of AI.

Zoom in: Cybersecurity companies Check Point Software Technologies and Balbix launched partnerships with Nvidia today at its flagship GPU Technology Conference.

• Check Point is providing a new solution, called AI Cloud Protect, that will secure some of Nvidia's systems against large language model data theft and poisoning, the company said in a press release.
• Meanwhile, cyber company Balbix said today that it's now integrating Nvidia's AI platform and graphic processing units (GPUs) into one of its new products — which analyzes customer data to assess their specific cybersecurity risks.

The big picture: Nvidia is one of the only chipmakers that can handle the data processing AI models require.

• That has made Nvidia a top threat for hackers looking at new ways to break into GPUs and digital processing units, the electronic circuits found in chips.

Yes, but: While a lot of attention has gone into researching and securing computers and mobile devices, chip security has often been viewed as a niche interest area.

• It can be tough for hackers to break into semiconductors' processing units, but once inside, the chips are a wealth of data, researchers have found.

Finland, Germany, Ireland, Japan, Poland and South Korea have all joined a U.S.-led pact to counter abuses of commercial spyware.

Why it matters: U.S. efforts to crack down on governments using spyware to spy on politicians, human rights activists and political dissidents require international cooperation.

• Spyware vendors are known to be operating across Europe and the Middle East — and targeting officials worldwide.
• "What we're trying to do is very deliberately build out a group of like-minded countries — including some in Western Europe, but also beyond that," a senior Biden administration official told reporters during a briefing Monday.

Driving the news: The White House unveiled the new signatories at the Summit for Democracy in South Korea on Monday.

• The six new countries joined 10 others who signed the pledge when it was first published last year.

Zoom in: The six new countries committed to the following:

• To not let their own government agencies use spyware sold by vendors known to sell to those abusing the technology.
• To establish export controls to prevent spyware sales to malicious actors.
• And to work with international allies to align their sanctions and regulatory regimes.

Catch up quick: The Biden administration has implemented new visa restrictions and sanctions against nefarious organizations.

• Spyware is a type of malware that can stealthily infect a victim's phone and track their keystrokes, voice calls, text messages and other activities.

The intrigue: An official at the White House's National Security Council told CNN on Sunday that the administration is continuing to find new cases in which U.S. government officials' devices are infected with spyware.

What's next: The U.S. is meeting with the countries that signed onto its pact on Tuesday during the second day of the Summit for Democracy, the administration added.

@ D.C.

🦾 The Department of Homeland Security has launched three pilot projects to expand its use of generative AI in investigations, immigration officer trainings and disaster preparedness. (Axios)

🩺 The Biden administration plans to publish a proposal for new health care cyber regulations in the next two months, a senior official said. (CyberScoop)

👀 The National Institute of Standards and Technology has stopped adding key details about security flaws in the national vulnerability database — hampering companies' ability to resolve those flaws. (SC Media)

@ Industry

🏥 The American Hospital Association estimates that 94% of hospitals are facing a financial impact from the Change Healthcare ransomware attack. (Fierce Healthcare)

@ Hackers and hacks

☎️ AT&T says a recently leaked database of 71 million customers did not come from its systems. (BleepingComputer)

👾 The head of the LockBit ransomware gang told a reporter that he will continue his work until he attacks "one million companies around the world." (The Record)

⚠️ Tech giant Fujitsu confirmed a cyberattack and warned that hackers may have stolen personal data and customer information. (TechCrunch)

TechCrunch has a really great story about how its cyber journalists verify rumors, allegations and leaked databases tied to data breaches.

• 📚 Give it a read.