Cybersecurity in the AI Era: How to Recognize AI Phishing and Deepfake Attacks
AI-powered phishing emails and deepfake voice calls are becoming mainstream attack vectors. How to recognize them and what internal procedures your company needs.
Two years ago the answer was simple. American labs built the best models and everyone else trailed by years. That sentence stopped being true in 2026.
The Stanford AI Index 2026 puts the overall gap between the US and Chinese frontier at 2.7 percentage points. The CAISI evaluation places DeepSeek V4 Pro roughly eight months behind the leading US models. Eight months, not eight years. And at a price that rewrites the arithmetic for anyone buying AI.
Which is why the useful question for a European firm is not who wins the race. It is whether these models belong anywhere near your own work, and if so, where.
The DeepSeek headline hides a whole field behind it. GLM-5.2 from Zhipu carries 750 billion parameters, a million tokens of context, and an MIT license, and it leads the open-weight pack on SWE-bench Pro. DeepSeek V4 Pro-Max reaches around 80% on SWE-bench Verified. Alibaba's Qwen has passed Meta's Llama to take more than half of all open-model downloads worldwide. Kimi K2.7 Code follows OpenAI and Anthropic closely on agent benchmarks.
Two things tie the field together, and open weights come first. GLM-5.2 and DeepSeek V4 ship under MIT, Qwen under Apache 2.0, so commercial use and self-hosting are allowed outright, with nothing to negotiate.
Price is the second, and it is a different class of number. An hour of coding on Claude runs about $10. The same work on DeepSeek costs under 50 cents, and the DeepSeek Flash tier goes down to $0.14 per million input tokens. Buyers noticed fast. DeepSeek's share of token usage jumped from under 1% to 17% in a single month.
So China bet on spreading open weights through platforms like Hugging Face and GitHub, while the United States bet on closed models with a high price of access. The difference is commercial, not just technical.
Most of the debate circles the model's origin. Risk actually lives somewhere else, in where the model runs. The same Chinese model carries a completely different profile depending on how you deploy it.
Calling the vendor's hosted API is the fast, cheap start. It also sends your data into the provider's jurisdiction, and with a Chinese API you inherit the further question of who else can reach it.
Self-hosting is the far end. You pull the open weights down and the model runs in your own EU cloud or data center. MIT and Apache both allow it, and the lab that trained the model never sees a prompt, a log, or a tool call. You get the strongest data control available. You also get every security and compliance job that comes with it.
Between the two sits the compromise. A Chinese-origin model runs at a Western host who handles operations for you.
Notice what that ordering does to the usual argument. Open weights you run yourself give better data control than any hosted API, Chinese or American. Nobody watches your traffic when the traffic never leaves.
The first is jurisdiction. Sending data to any foreign API needs a data processing agreement and a lawful basis under GDPR. A hosted Chinese API stacks a further question on top of that, about who reaches the data and on what terms. Self-hosting sidesteps most of it, because the data never leaves your network.
The second risk is the flip side of the first. Run an open model yourself and part of the obligations under the AI regulation shift onto you, with no vendor left to carry compliance on your behalf. Our AI Act 2026 checklist works through what that means for chatbots, HR, and internal workflows.
The third is not technical at all. In the US, firms including Airbnb and Anysphere, the maker of Cursor, faced scrutiny for using the Chinese models Qwen and Kimi. Then came the distillation disputes, in which US labs accused Chinese labs of stealing their models through 24,000 fraudulent accounts, and the White House flagged the matter as national security. European firms feel less of this. But if you sell to government or into a regulated sector, model origin can disqualify you in a tender.
Match the model to the sensitivity of the task, not to a flag.
Regulated, personal, or client-confidential data does not belong in a raw hosted API, Chinese or American. Process it with an open model on your own EU infrastructure, or through a Western model under a data processing agreement. Control is worth more than the cent you save.
High-volume internal work that is sensitive to cost but not to confidentiality is the opposite case, and open Chinese models on your own hosting fit it well. The price-to-performance is hard to beat, and the risk stays low because the data never leaves your network.
Selling into the public sector or a regulated business? Check the procurement rules on model origin and keep a Western alternative within reach. This is exactly why it pays to build the application so the model can be swapped out, as we describe in our GPT-5.6 versus Claude Fable 5 comparison.
Model choice is drifting away from engineering and into strategy. If you want to work it through against a real process and real data, our strategic consulting team can tell you where a Chinese model is an advantage and where it is needless risk.
The race between China and the US will run for years yet. The decision about which model touches which of your data has to be made now, and it can be made calmly.
Founder and software lead at Rise.sk. He designs and delivers web applications, data systems, and automation, and writes about software decisions, AI, and digital services.
AI-powered phishing emails and deepfake voice calls are becoming mainstream attack vectors. How to recognize them and what internal procedures your company needs.
OpenAI says GPT-5.6 Sol beats Claude Fable 5 on coding at a third of the cost. Anthropic says Fable 5 leads on raw capability. Both are right. Here is which model wins which job.
API tokens can cost less than a developer hour, but tokens are not the whole project. A practical comparison of model usage, review, testing, and operating costs.
Your context changes the answer