Full Report
As Americans stew over the looming risk of job-stealing AI and data centers in their back yards, the feds are raising the alarm about a new category of threat, documents obtained by WIRED show.
Analysis Summary
# Threat Actor: Anti-Tech Violent Extremists (ATVE)
## Attribution & Identity
- **Actor Identification:** An emerging category of domestic threat actors categorized by U.S. federal law enforcement as "Anti-Tech Violent Extremists."
- **Known Aliases:** Anti-technology extremists, "Luddite" protesters (implied contextual movement).
- **Associated Groups:**
- **Zizians:** A cult-like group led by Ziz Laota, characterized as "extreme rationalists" obsessed with AI existential risk.
- **Anarchist Violent Extremists:** A broader category frequently linked to these activities by the FBI.
- **Data Center Resistance:** A nationwide protest movement targeting physical infrastructure.
## Activity Summary
- **Targeted Violence:** Recent physical attacks on high-profile technology executives, specifically mentioning an attack on Sam Altman’s residence and OpenAI offices.
- **Civil Unrest:** Large-scale protests and "civil unrest" targeting data centers and AI development hubs.
- **Surveillance Evasion:** Use of encrypted communications (Signal) to coordinate volunteer monitoring of government proceedings and protest activities.
- **Ideological Shifts:** Transition from philosophical "AI alignment" concerns to radicalized actions based on fears of AI becoming "godlike" or causing human obsolescence/economic displacement.
## Tactics, Techniques & Procedures
- **Physical Assault:** Direct kinetic attacks against the homes and offices of tech CEOs.
- **Sabotage/Vandalism:** Targeting of physical infrastructure such as data centers.
- **Operational Security (OPSEC):** Use of encrypted messaging platforms like Signal for group coordination.
- **Information Operations:** Proliferation of "paranoid views regarding AI" and existential dread to recruit and radicalize.
- **Protest & Civil Disobedience:** Coordinating "data center resistance" and monitoring public hearings to obstruct tech proliferation.
- **MITRE ATT&CK IDs:** While primarily kinetic/domestic extremism, the following are relevant:
- **T1592:** Gather Victim Identity Information (Targeting executives)
- **T1583:** Acquire Infrastructure (Physical protest coordination)
## Targeting
- **Sectors:** Artificial Intelligence (AI), Cloud Computing/Data Centers, Big Tech.
- **Geography:** United States, specifically urban hubs like New York City and Silicon Valley.
- **Victims:**
- **Individuals:** Sam Altman (CEO of OpenAI) and other unnamed tech CEOs.
- **Organizations:** OpenAI, frontier AI companies.
- **Infrastructure:** Physical data centers and regional power/cooling facilities supporting them.
## Tools & Infrastructure
- **Malware:** Not mentioned (Focus is on physical/ideological threat).
- **Infrastructure:**
- **Signal:** Encrypted chat platform used for coordination.
- **GitHub:** (Contextual mention of TeamPCP affecting open-source code, though not directly linked to ATVE).
- **Defanged URLs:**
- hxxps[://]www[.]theguardian[.]com/technology/2026/apr/18/sam-altman-house-attack-ai
- hxxps[://]whitehouse[.]gov/wp-content/uploads/2026/05/2026-USCT-Strategy-1[.]pdf
## Implications
The rise of ATVE represents a shift where socio-economic anxieties (job loss, environmental impact of data centers) converge with "existential risk" philosophies. This creates a volatile threat landscape for tech companies where the primary risk is not just cyber-espionage, but physical harm to leadership and disruption of critical physical infrastructure. Government classification of this group suggests an imminent increase in domestic surveillance of "anti-capitalist" and "anti-tech" speech.
## Mitigations
- **Executive Protection:** Enhanced physical security and residential monitoring for high-profile technology leaders.
- **Infrastructure Hardening:** Increasing physical perimeter security for data centers and R&D facilities.
- **Insider Threat Programs:** Monitoring for radicalization within AI alignment and machine learning engineering communities, as noted in the Intelligence Bureau assessment.
- **Monitoring of Public Filings:** Tracking protest movements appearing at public hearings regarding data center permits.