The Biden administration is poised to publicly accuse several Chinese hackers of conducting widespread cyberattacks against US companies on behalf of China’s civilian intelligence service, according to sources familiar with the matter speaking to CNN.
The coordinated effort by multiple US agencies is expected to involve criminal charges, sanctions, and a substantial reward for information leading to the apprehension of the hackers. The individuals allegedly operate under the direction of China’s Ministry of State Security spy agency, with plans for the US government to release names and photos of the hackers as soon as Monday.
These hackers are believed to have utilized a Chinese technology company as a front to conceal their illicit activities, according to one source. The British government is also reportedly preparing to accuse the same hacking group of targeting organizations in the UK.
The expected announcement comes amidst heightened tensions in US-China cyber relations, following FBI Director Christopher Wray’s recent warning about the potential for Chinese hackers to cause significant harm to American citizens and communities.
While Chinese President Xi Jinping had assured President Biden in November that China would not interfere in the 2024 US election, US officials remain skeptical of these assurances.
China has vehemently denied US allegations of hacking, instead accusing the US of engaging in its own cyber espionage activities against China.
The forthcoming announcement from the US is anticipated to focus on alleged Chinese cyber-espionage activities, rather than the potential for disruptive cyberattacks as warned by Wray.
The hackers are expected to be identified as employees of a technology company based in Wuhan, allegedly conducting hacking operations on behalf of China’s Ministry of State Security. Known in the cybersecurity industry as APT31 or Judgement Panda, these hackers have targeted a wide range of entities, including US law firms, European industrial organizations, and international apparel companies.
It remains unclear whether the individuals to be named this week were involved in previous hacking attempts related to the 2020 US election.
This week’s announcement would not be the first time that Chinese government-backed cyber capabilities have been traced back to contractors working for front companies, as evidenced by leaked documents from another Chinese tech firm, I-Soon, showing a pattern of hacking activities targeting various regions and organizations.