US government moves to block China's industrial-scale AI distillation attacks on frontier models

US Sets Up Task Force to Counter Chinese AI Model Distillation

The White House is establishing a task force to prevent industrial-scale extraction of American frontier AI models, Michael Kratsios announced. The move responds to what U.S. intelligence describes as coordinated campaigns by Chinese entities using tens of thousands of proxy accounts and jailbreaking techniques to systematically distill capabilities from OpenAI, Anthropic, and other U.S. AI systems.

The economic stakes are concrete. A single frontier model training run can cost $100 million or more. When a Chinese lab can distill those weights and exfiltrate the data, the damage differs fundamentally from stealing intellectual property of comparable value. The distillation pipeline compresses months or years of research and billions in compute into a reproducible attack.

What makes the threat systemic is that no single lab may fully grasp its scale. One AI company detects unusual query patterns from shell companies in specific regions, but sees only a fraction of the total assault. When labs compare notes—discovering they're being hit by overlapping sets of proxy accounts asking for similar queries—the full attack surface emerges. Piecing together those fragments reveals a precise map of what a frontier system can do, enabling competitors to replicate capabilities at a fraction of the development cost.

The response shows industry coordination. Labs are tightening API access controls, implementing stronger know-your-customer checks, and sharing intelligence on suspicious account patterns. The task force announcement suggests the government is treating model distillation with the same seriousness as the AI labs themselves have, signaling that this is now a national security concern rather than a purely commercial one.