Chinese hackers suspected: cyber attack on US law firm

Chinese hackers suspected: cyber attack on US law firm

Suspected Chinese hackers have gained access to the email accounts of lawyers and consultants at an influential Washington law firm, Wiley Rein. This was revealed in a memo sent by the firm to its clients this week, which was seen by CNN.

Hacker attack on important law firm

The hackers responsible are known to target information related to trade issues, Taiwan and U.S. government agencies responsible for customs issues and foreign investment screening. In the memo, the firm said: "We believe, based on the evidence evaluated to date, that a group possibly affiliated with the Chinese government accessed messages in the Microsoft 365 accounts of certain Wiley employees to gather information."

Context of the cyber attack

The attack comes as the Trump administration escalated the trade war with China this spring by imposing unprecedented tariffs on Chinese exports to the US. These customs measures led to an intensive effort on both sides to understand each other's positions.

Wiley Rein and her role in the trade war

Wiley Rein has Fortune 500 clients and a team of world-class commercial attorneys. The firm is a major player helping U.S. companies and the government navigate the trade conflict with China. It describes itself as “closely connected to Washington” and emphasizes providing “unparalleled insight into the changing priorities of agencies, regulators and lawmakers.”

Cooperation with the authorities

The firm said it is still in the process of clarifying what information the hackers accessed. “We have also notified and are coordinating with law enforcement,” the memo said. CNN has requested comment from Wiley Rein and the FBI, which typically investigates high-profile hacks with national security implications. Google-owned security firm Mandiant is tasked with remediating the hack, Wiley Rein's memo noted.

Suspicious activity and further investigation

This incident is just the latest suspected Chinese intrusion into a U.S. organization involved in sensitive trade or investment matters. CNN reported in January that Chinese hackers broke into the U.S. government office that screens foreign investments for national security risks.

Valuations of foreign investments play an important role in the relationship between the world's two largest economies. On Friday, the Trump administration announced that it had blocked a Hong Kong-based company's acquisition of Jupiter Systems, an audiovisual equipment provider, over concerns about the "potential jeopardy of Jupiter's products used in military and critical infrastructure environments."

China's long-term cyber strategy

For years, U.S. officials, regardless of party, have tried to understand China's formidable cyber capabilities. The FBI has determined that China runs a larger hacking program than all other foreign governments combined. The hack at Wiley Rein could expand one of many ongoing FBI investigations into cyber espionage with ties to Beijing.

The FBI continues to grapple with a sweeping compromise of U.S. telecommunications providers that targeted the telephone communications of senior U.S. leaders, including then-presidential candidate Trump, and which became public last year. AT&T, Verizon and other major communications companies were hacked.

"We don't know if we've finished identifying the victims yet or if there are more," said Brett Leatherman, assistant director of the FBI's Cyber ​​Division. “However, the telecom companies believe they have contained the hackers after many months of investigation,” he added.

Leatherman emphasized: "China's cyber doctrine goes beyond access. It's about creating long-term opportunities for influence."