The Biden administration is gearing up to publicly accuse several Chinese hackers of conducting extensive hacks against US companies on behalf of China’s civilian intelligence service. This multi-agency crackdown is anticipated to involve criminal charges, sanctions, and a substantial reward for information on the hackers, who are believed to be operating under the direction of China’s Ministry of State Security spy agency.
An official announcement identifying the hackers with names and photos is expected imminently. These hackers have reportedly been using a Chinese technology company as a front to mask their hacking activities. Additionally, the British government is also preparing to accuse the hacking group of targeting organizations in the UK.
While the US government is set to make these allegations, the Chinese Embassy in Washington, DC, has been approached for comment, but the Justice Department has declined to provide any statements on the matter.
This development comes amidst heightened tensions in US-China cyber relations, following a recent warning from FBI Director Christopher Wray about the potential threat posed by Chinese hackers. The US is expected to name several Chinese individuals working for a technology company based in Wuhan that allegedly conducts hacking operations on behalf of the MSS.
The hacking group, known in the cybersecurity industry as APT31 or Judgement Panda, has been linked to various cyber-espionage activities targeting entities ranging from US law firms to European industrial organizations. Notably, ahead of the 2020 US election, hackers associated with this group attempted to breach email accounts linked to the Biden campaign.
While Beijing has vehemently denied these hacking allegations, accusing the US of its own cyber operations against China, the US is poised to focus on Chinese cyber-espionage in its upcoming announcement. The Chinese government’s cyber capabilities have previously been traced back to contractors working for front companies, as evidenced by leaked documents from another Chinese tech firm, I-Soon, which revealed hacking victims across regions like Tibet and Hong Kong.
