The charges are the latest example of a broad pressure campaign against Beijing over its theft of U.S. trade secrets. | Pablo Martinez Monsivais/AP Photo cybersecurity U.S. will charge Chinese hackers with widespread attacks on tech service providers

The Justice Department is preparing to charge Chinese government hackers with a broad campaign of cyberattacks against major technology services firms, according to two sources familiar with the matter.

The charges come as the Trump administration, locked in a trade war with Beijing, alleges that China has violated a 2015 agreement against stealing U.S. businesses’ intellectual property. Further heightening tensions, the U.S. is seeking to extradite from Canada an executive of the Chinese telecom giant Huawei — long considered by U.S. intelligence agencies to be a facilitator of Beijing's digital espionage — for allegedly violating sanctions on Iran.


Chinese intelligence services have spent years trying to hack the managed service providers that remotely administer IT systems for large companies, according to warnings from the Department of Homeland Security and PwC. Access to these providers’ systems would give the hackers a jumping-off point into the databases of their primary targets, exposing vast troves of sensitive corporate data.

Morning Cybersecurity A daily briefing on politics and cybersecurity — weekday mornings, in your inbox. Email Sign Up By signing up you agree to receive email newsletters or alerts from POLITICO. You can unsubscribe at any time. This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Cybersecurity researchers have linked the Chinese activity to a state-backed group dubbed APT 10 and Cloud Hopper.

The charges related to the hacking of managed service providers, first reported by The Wall Street Journal, are only some of the prosecutions that U.S. officials are considering, according to a source familiar with the matter.

“There are a number of charges being contemplated for hacks directed at a number of industries,” said the source, who requested anonymity to discuss ongoing investigations. The IT providers “are just one lucky sub-group.”

The Justice Department declined to comment.

The Journal reported that the charges over the service provider hacks were delayed out of concern that “they could disrupt proceedings” at the G-20 summit in Argentina last week, during which President Trump and Chinese President Xi Jinping committed to “negotiations on structural changes with respect to … cyber intrusions and cyber theft.”

The charges are the latest example of a broad pressure campaign against Beijing over its theft of U.S. trade secrets. At DOJ, a new “ China Initiative ” will prioritize Chinese IP theft cases, including government-backed hacking. On Oct. 30, the U.S. indicted Chinese intelligence officers and their hired hackers for trying to steal a wide range of intellectual property, including plans for a jet engine.

In March, the Office of the U.S. Trade Representative released a detailed report on China’s actions, including its routine use of “cyber intrusions into U.S. commercial networks targeting confidential business information.”

Axios reported in September that the White House has been directing an “administration-wide” campaign against China, with a focus on its malicious cyber activity, to shift the focus away from Russia.