The Biden administration is preparing to publicly accuse several Chinese hackers of conducting sweeping hacks against US companies on behalf of China’s civilian intelligence service, three people familiar with the matter told CNN.
The multi-agency crackdown is expected to include criminal charges, sanctions and a multimillion-dollar reward for information on the hackers, whom the US government alleges operate at the behest of China’s powerful Ministry of State Security spy agency, the sources said.
An announcement identifying the hackers with names and photos is expected as soon as Monday, the sources said. The hackers have been using a Chinese technology company as a front to cover their hacking activity, one of the sources said. The British government is also preparing to accuse the hacking group of targeting UK organizations, the sources said.
CNN has requested comment from the Chinese Embassy in Washington, DC. The Justice Department declined to comment for this story.
The moves would come at a particularly delicate time in US-China cyber relations, weeks after FBI Director Christopher Wray issued a dire public warning that a different group of Chinese hackers was preparing “to wreak havoc and cause real-world harm to American citizens and communities, if or when China decides the time has come to strike.”
At a meeting in November, Chinese President Xi Jinping assured US President Joe Biden that China would not interfere in the 2024 US election — an assurance that US officials are not taking at face value, CNN previously reported.
Beijing has vigorously denied the US allegations of hacking and in turn accused the US of conducting its own hacking operations against China.
The US announcement expected this week will focus on alleged Chinese cyber-espionage instead of the possible disruptive cyberattacks highlighted by Wray, according to the sources briefed on the matter.
The US is expected to identify several Chinese men as working for a Wuhan-based technology company that conducts hacking operations on behalf of the MSS, China’s civilian spy agency. The cybersecurity industry knows the hacking group as APT31 or Judgement Panda, and researchers have found the hackers targeting everything from US law firms to European industrial organizations to international apparel companies.
Ahead of the 2020 US election, hackers associated with the group had unsuccessfully tried to break into email accounts of people affiliated with the Biden campaign, according to Microsoft. It was not immediately clear whether any of the men expected to be named this week were allegedly involved in that activity.
The announcement this week wouldn’t be the first time that the Chinese government’s extensive cyber capabilities have been traced back to contractors working for front companies.
A trove of documents leaked last month from another Chinese tech firm, I-Soon, showed victims of the firm’s hacking from Tibet to Hong Kong. Clients listed in contracts with the firm included China’s police, intelligence service and military, according to the leaked data.
