28.8 Million Queries: The AI Heist That Tripped No Alarms

Authored by Joseph Hoefer via RealClearDefense,

When we picture intellectual property theft, we picture a break-in. A hacker slips past the firewall, copies the source code, and disappears. So, when an American AI company tells Congress that China just pulled off the largest extraction campaign it's ever recorded, the natural assumption is that someone cracked the vault.

Nobody broke in. And that's exactly what makes this threat so difficult for Washington to address.

Last week, Anthropic told the Senate Banking Committee that operators affiliated with the Chinese conglomerate Alibaba ran roughly 28.8 million queries with its Claude models through nearly 25,000 fraudulent accounts between April and June. According to the company, the goal was not to steal the model. It was to harvest its answers, then use those answers to train a competing Chinese system at a fraction of the cost.

This technique is called distillation, and not all of it is sinister. Training a smaller model on the outputs of a larger one is a routine and legitimate practice when a company does it with its own systems. What Anthropic alleges is someth