U.S. to reveal charges against Chinese hackers: sources

© Reuters. Illustration photo of computer code on a screen above a Chinese flag© Reuters. Illustration photo of computer code on a screen above a Chinese flag

By Christopher Bing

(Reuters) – Federal prosecutors are expected to unveil criminal charges as soon as next week against hackers linked to Chinese intelligence for allegedly stealing data from U.S. companies, according to people familiar with the matter.

A senior U.S. intelligence official described the Chinese operation, known as “Cloudhopper,” as one of the most expansive and successful hacking schemes ever recorded. The pending charges were first described in a story by the Wall Street Journal on Friday.

The breaches by hackers associated with China’s Ministry of State Security have allowed China to gather large quantities of data on a wide range of American businesses, according to two U.S. officials who spoke on condition of anonymity because they were not authorized to discuss the investigations.

Cloudhopper focuses on hacking large, third-party, data storage companies, and cloud software service companies that store data for U.S. companies and government agencies.

Cyberattacks connected to Cloudhopper began at least as early as 2017, according to a report from British multinational defense contractor BAE Systems (LON:), which has an internal cybersecurity research unit that publishes some of its findings for marketing purposes.

The timing of the charges will likely further escalate tensions between Washington and Beijing after the arrest of Meng Wanzhou, the chief financial officer of Chinese telecommunications giant Huawei Technologies [HWT.UL], at the reequst of the United States. The Huawei case is unrelated to the pending hacking charges.

The Justice Department and the National Security Agency did not immediately respond to a request for comment. The Chinese embassy in the United States did not immediately respond to a request for comment.

The charges may be followed by sanctions and other punitive measures, according to one of the U.S. officials. The official did not say exactly who might come under sanction.

Cloudhopper is considered a major cyberthreat by private-sector cybersecurity researchers and government investigators because of the scale of the intrusions.

Over the last several years, as companies around the globe have sought to cut down information technology spending, they have increasingly relied on outside contractors to store and transfer their data.

When a managed service provider is hacked, it can unintentionally provide the attackers access to secondary victims who are customers of that company and have their computer systems connected to them, experts say.

“It’s a large-scale concern because of how broad it is and how pervasive this access is,” said Rob Joyce, a senior adviser to the National Security Agency. “What we’ve watched is after they’ve gotten into managed service providers, it’s our belief that they haven’t been completely pushed out.”

“That is strategic high ground,” Joyce said in an interview in October.

Disclaimer: Fusion Media would like to remind you that the data contained in this website is not necessarily real-time nor accurate. All CFDs (stocks, indexes, futures) and Forex prices are not provided by exchanges but rather by market makers, and so prices may not be accurate and may differ from the actual market price, meaning prices are indicative and not appropriate for trading purposes. Therefore Fusion Media doesn`t bear any responsibility for any trading losses you might incur as a result of using this data.

Fusion Media or anyone involved with Fusion Media will not accept any liability for loss or damage as a result of reliance on the information including data, quotes, charts and buy/sell signals contained within this website. Please be fully informed regarding the risks and costs associated with trading the financial markets, it is one of the riskiest investment forms possible.