Google has revealed a surge in sophisticated cyberattacks aimed at stealing the intellectual property behind its Gemini AI model. These attacks, dubbed “distillation attacks,” involve adversaries flooding the system with tens of thousands of AI prompts to reverse-engineer its capabilities.
State-Sponsored Theft
According to Google’s Threat Tracker report, the primary actors behind these thefts originate from North Korea, Russia, and China. The goal isn’t to directly harm users, but to clone Gemini’s technology for use in other AI models – particularly in languages beyond English. This represents a broader trend of nation-state actors exploiting AI for strategic advantage.
How Model Extraction Works
These attacks rely on a technique called model extraction. Adversaries use legitimate access to probe an AI system, systematically gathering enough data to train a replica model. Google notes this is akin to industrial espionage, where competitors steal trade secrets.
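A defender-side view of the pattern described above, as an added example that is not from Google's report or the original article: a Python detector that flags API keys combining very high prompt volume with heavy reuse of a few prompt skeletons. The thresholds, key names and sample traffic are assumptions constructed for illustration.

```python
import itertools
import re
from collections import defaultdict

# Assumed thresholds, not from the article; tune against your own traffic baseline.
MIN_PROMPTS = 10_000        # per-account volume in the review window
MAX_TEMPLATE_RATIO = 0.05   # distinct skeletons / prompts; low means a systematic sweep

def template_of(prompt):
    """Reduce a prompt to its skeleton: quoted text and numbers become placeholders."""
    t = re.sub(r'"[^"]*"', "<str>", prompt.lower())
    t = re.sub(r"\d+", "<n>", t)
    return re.sub(r"\s+", " ", t).strip()

def score_accounts(records):
    """records: iterable of (api_key, prompt) pairs. Returns per-key statistics."""
    counts, skeletons = defaultdict(int), defaultdict(set)
    for key, prompt in records:
        counts[key] += 1
        skeletons[key].add(template_of(prompt))
    return {k: {"prompts": n, "templates": len(skeletons[k]),
                "ratio": len(skeletons[k]) / n} for k, n in counts.items()}

def flag_extraction_candidates(records, min_prompts=MIN_PROMPTS,
                               max_ratio=MAX_TEMPLATE_RATIO):
    """Keys that are both high-volume and highly templated, for analyst review."""
    return sorted(k for k, s in score_accounts(records).items()
                  if s["prompts"] >= min_prompts and s["ratio"] <= max_ratio)

def constructed_sample():
    """Constructed traffic for the demo, not real logs."""
    sweep = ["translate sentence {} into french", "solve problem {} step by step",
             "classify review {} as positive or negative", "rewrite paragraph {} formally"]
    recs = [("key-sweep", sweep[i % 4].format(i)) for i in range(20_000)]
    words = ("alpha bravo charlie delta echo foxtrot golf hotel india juliett kilo lima "
             "mike november oscar papa quebec romeo sierra tango uniform victor whiskey "
             "xray yankee zulu").split()
    recs += [("key-batch", f"summarise the {a} memo about {b} and {c}")
             for a, b, c in itertools.product(words, repeat=3)]
    recs += [("key-user", f"question {i} about my holiday plans") for i in range(40)]
    return recs

if __name__ == "__main__":
    sample = constructed_sample()
    for key, s in sorted(score_accounts(sample).items()):
        print(key, s)
    print("review:", flag_extraction_candidates(sample))
```

Requiring both conditions keeps a high-volume but varied batch customer and a low-volume repetitive user out of the review queue; only the account sweeping a handful of skeletons at scale is surfaced.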
A Growing Arms Race
The incident highlights the escalating competition in the AI landscape. Companies like ByteDance (TikTok’s parent company) in China are rapidly developing advanced AI tools, challenging the dominance of US firms. Last year, DeepSeek, another Chinese AI company, released a model that rivaled top-tier technology, prompting accusations of intellectual property infringement from OpenAI.
This isn’t just about technical rivalry; it’s a geopolitical issue. AI models are now critical infrastructure, and their theft poses national security risks. As Google analyst John Hultquist points out, this is likely just the beginning: “We’re going to be the canary in the coal mine for far more incidents.”
The Future of AI Security
The case underscores the need for stronger AI security measures. While Google is one of the first major companies to publicly report such attacks, similar vulnerabilities are likely widespread across the industry. Protecting AI intellectual property will require a combination of technical defenses, legal enforcement, and international cooperation.
The theft of AI models is the new frontier of cyberwarfare. Companies and governments must adapt to this reality or risk falling behind.
