AI developers hiring quickly to keep pace with market demand are struggling with a new threat: spies and employees looking to steal company secrets.

Why it matters: U.S. artificial intelligence companies are likely already prime targets for nation-state adversaries' espionage campaigns.

• Experts predict that AI developers could become even bigger targets than chip manufacturers and biotechnology companies.

Driving the news: This month, the Justice Department indicted an ex-Google software engineer for stealing AI technology secrets and sharing them with two Chinese companies.

• Linwei Ding is believed to have started stealing these secrets in 2021, shortly after being offered a chief technology officer role at a Chinese AI startup, per the indictment.

The big picture: The United States' AI sector is currently more advanced than businesses in other countries.

• Unlike in the semiconductor manufacturing business, where spies have also targeted leading companies throughout Southeast Asia and Europe, the U.S. doesn't face much global competition in AI yet.
• But this advantage places more pressure on U.S. technology companies to track and detect insider threats — which can include international spies posing as employees and employees pressured into spying by their authoritarian home countries.

What they're saying: "What has been happening... in the semiconductor industry over the past five years, I suspect that is what the future looks like for AI over the next five years," Gregory Allen, a former policy official at the Defense Department's Joint Artificial Intelligence Center, told Axios.

• "There definitely are organizations that don't take this seriously, but it is such a difficult problem that even the ones that do take it seriously are still being successfully hacked and exploited," he added.

Between the lines: While larger AI developers like Google and Microsoft have invested in counter-espionage programs for years, the new crop of AI startups are in a different position.

• "What I've found in some of those instances where I've given a talk or counseled people [at smaller companies] is that they just haven't thought about it at all," John Carlin, partner at law firm Paul Weiss and former Biden DOJ official, told Axios.
• This is particularly true for venture-backed companies facing investor pressure to quickly launch their products, he added.

Catch up quick: The Biden administration has been pouring resources into tackling industry espionage as AI developments evolve.

• Last year, the Justice Department and DHS stood up a strike force to investigate illegal theft and exports of U.S. technologies to Russia, China and Iran.

The intrigue: Spies who steal U.S. AI trade secrets can use that information faster than the information stolen from chip manufacturers or biotechnology companies.

• Even if someone steals trade secrets from a chip manufacturer, they'd still need additional resources to build that hardware, Andrew Grotto, a former Trump and Obama White House cyber official, told Axios.
• "AI's different, it's code, and those innovations can be repurposed pretty rapidly," he said.

Zoom out: Insider threats and espionage are only a sliver of the cybersecurity threats AI companies are facing.

• Others include malware, data model theft and AI training data poisoning, Matt Keating, a principal in consulting firm Booz Allen Hamilton's AI practice.

Yes, but: Safeguarding against all insider threats is a near impossible task for companies, Brandon Pugh, policy director for cybersecurity and emerging threats at the R Street Institute, told Axios.

• "Short of having a camera that is always watching employees or doing checks every time they leave the building, that stuff is hard to catch," Pugh said. "There really is no perfect solution."

The bottom line: Some of the most effective mitigations against insider threats and espionage don't have to be costly, Carlin said.

• He recommended AI developers start by taking inventory of the proprietary data in their systems and who has access to it.
• Regional FBI offices will also brief AI developers on the insider threats their specific company could be facing, Carlin added.

Editor's note: This story has been corrected to show that John Carlin was a former Biden DOJ official, not a former Trump and Biden DOJ official.