Chinese hackers breach US software and law firms amid trade fight, experts say
By Sean Lyngaas, CNN
(CNN) — A team of suspected Chinese hackers has infiltrated US software developers and law firms in a sophisticated campaign to collect intelligence that could help Beijing in its ongoing trade fight with Washington, Google-owned cybersecurity firm Mandiant said Wednesday.
The hackers have been rampant in recent weeks, hitting the cloud-computing firms that numerous American companies rely on to store key data, Mandiant said. In a sign of how important China’s hacking army is in the race for tech supremacy, the hackers have also stolen US tech firms’ proprietary software and used it to find new vulnerabilities to burrow deeper into networks, according to Mandiant.
The FBI is investigating the intrusions and US officials are still trying to understand the full scope of the hacks, sources told CNN.
It’s a fresh five-alarm fire for the FBI’s cyber experts, who at any given time are investigating multiple sophisticated Chinese cyber-espionage campaigns aimed at US government and corporate secrets.
In some cases, the hackers have lurked undetected in the US corporate networks for over a year, quietly collecting intelligence, Mandiant said.
The disclosure comes after the Trump administration escalated America’s trade war with China this spring by slapping unprecedented tariffs on Chinese exports to the United States. The tit-for-tat tariffs set off a scramble in both governments to understand each other’s positions.
“The FBI is aware of this matter and we continue to work with our law enforcement and private sector partners,” a bureau spokesperson told CNN. “We encourage the public to contact their local field office or tips.fbi.gov, if they believe to be a victim.”
Mandiant analysts said the fallout from the breaches — the task of kicking out the hackers and assessing the damage — could last many months. They described it as a milestone hack, comparable in severity and sophistication to Russia’s use of SolarWinds software to infiltrate US government agencies in 2020.
The suspected Chinese hackers are “very active right now,” said Charles Carmakal, Mandiant’s chief technology officer. “We believe that there are many organizations that are actively compromised that don’t know about it.”
This is “the most prevalent [cyber] adversary in the United States over the past several years,” Carmakal said.
CNN has requested comment on Mandiant’s findings from the Chinese Embassy in Washington, DC. Beijing routinely denies US hacking allegations and accuses the US of conducting cyberattacks against China.
Law firms are attractive espionage targets because of the role that they play in helping government and corporate clients navigate trade and national security disputes. Suspected Chinese hackers this summer breached the email accounts of attorneys at Washington, DC-based firm Wiley Rein, CNN previously reported.
The FBI has said that China’s cyber operatives outnumber all FBI agents by at least 50 to 1. For years, across Republican and Democratic administrations, US officials have tried to counter this numerical advantage by exposing the hackers’ tactics through indictments, sanctions and other measures. In rare cases, the FBI has taken Chinese operatives into custody.
Italian authorities in July arrested a Chinese man accused by US prosecutors of being part of a hacking team that stole coveted US research into a coronavirus vaccine on behalf of Chinese intelligence.
“He is one of the first hackers linked to Chinese intelligence services to be captured by the FBI,” the bureau’s Houston field office said at the time.
The-CNN-Wire
™ & © 2025 Cable News Network, Inc., a Warner Bros. Discovery Company. All rights reserved.
