CNN
—
Suspected Chinese hackers have broken into the email accounts of attorneys and advisers at a powerful Washington, DC, law firm in an apparent intelligence-gathering operation, the firm, Wiley Rein, told clients this week in a memo reviewed by CNN.
The hackers responsible have been known to target information related to trade, Taiwan and US government agencies involved in setting tariffs and reviewing foreign investment, said the notice from the firm.
“We believe, based on the evidence reviewed to date, that a group that may be affiliated with the Chinese government accessed messages in the Microsoft 365 accounts of certain Wiley personnel for intelligence gathering purposes,” the memo said.
The breach comes after the Trump administration escalated America’s trade war with China this spring by slapping unprecedented tariffs on Chinese exports to the United States. The tit-for-tat tariffs set off a scramble in both governments to understand each other’s positions.
With clients that span the Fortune 500 and a team of top trade attorneys, Wiley Rein is a powerful player in helping US companies and the government navigate the trade war with China. The firm describes itself as “wired into Washington” and says it provides “unmatched insights into the evolving priorities of agencies, regulators, and lawmakers.”
Wiley Rein told clients it is still working to determine what information the hackers accessed. “We also notified law enforcement and are coordinating with them.”
CNN has requested comment from Wiley Rein and the FBI, which typically investigates high-profile hacks with national security implications. Google-owned security firm Mandiant is remediating the hack, the Wiley Rein memo said. CNN has requested comment from Mandiant.
Liu Pengyu, spokesperson for the Chinese Embassy in Washington, DC, said in a statement to CNN, “China firmly opposes and combats all forms of cyber attacks and cyber crime — a position that is consistent and clear. At the same time, we also firmly oppose smearing others without solid evidence.”
It’s only the latest suspected Chinese intrusion into a US organization that handles sensitives trade or investment matters. CNN reported in January that Chinese hackers had breached the US government office that reviews foreign investments for national security risks.
Foreign investment reviews play an important role in the relationship between the world’s two biggest economies. On Friday, the Trump administration announced that it had blocked a Hong Kong-based firm’s acquisition of Jupiter Systems, a supplier of audio-visual equipment. The statement cited the “potential compromise of Jupiter’s products used in military and critical infrastructure environments.”
For years, across Republican and Democratic administrations, US officials have tried to come to grips with China’s formidable cyber capabilities. The FBI has said that China has a bigger hacking program than all other foreign governments combined.
The hack of Wiley Rein could add to one of numerous open investigations that the FBI has into Beijing-linked cyber-espionage.
The FBI is still dealing with the sweeping Chinese compromise of US telecom providers that targeted the phone communications of senior US leaders, including then-presidential candidate Trump and became public last year. AT&T, Verizon and other big communications firms were breached.
“We don’t know if we’re done identifying victims or if there will be more,” Brett Leatherman, the assistant director of the FBI’s Cyber Division, said in an interview last month with CNN, referring to the telecom hacking campaign. But the FBI does believe the telecom firms have contained the hackers after many months of investigation, he said.
“Beijing’s cyber doctrine is more than access,” Leatherman added. “It’s about building long-term leverage.”
This story has been updated with additional details.
