US subpoenas multiple Chinese communications providers in security review

The Commerce Department announced Wednesday that it subpoenaed several Chinese communications firms as the government reviews possible national security risks following alarming cyberattacks. 

Commerce Secretary Gina Raimondo did not specify in a press release which companies had received subpoenas, though she did clarify that the companies provide information and communications technology and services (ICTS) in the U.S. She indicated the move was fueled in part over concern regarding China’s hacking of U.S. cyber infrastructure. 

“The Biden-Harris Administration has been clear that the unrestricted use of untrusted ICTS poses a national security risk. Beijing has engaged in conduct that blunts our technological edge and threatens our alliances,” Raimondo said.

“In issuing subpoenas today, we are taking an important step in collecting information that will allow us to make a determination for possible action that best protects the security of American companies, American workers, and U.S. national security. We hope to work cooperatively with these companies and conclude a thorough review,” she added.

Chinese hackers last struck in a broad intrusion into an email program commonly used by American businesses.

Microsoft announced that a hacking group supported by Beijing had sought to take advantage of previously unknown security weaknesses in the email application Exchange Server. Hafnium, the hacking group, was determined to be behind the attack “based on observed victimology, tactics and procedures.”

The hack came as officials were already on high alert after the sprawling breach of SolarWinds Corp., which gave hackers access to data from a number of government agencies that used the company’s software. That attack is believed to have been the work of Russian-backed hackers.

The Biden administration has said it will move forward with a rule implemented by former President Trump to bolster the information technology supply chain. It has granted the Commerce Department the power to monitor the transactions of foreign adversaries, including China.

President Biden said last month that the executive order, which mandates government reports assessing cyber risks within key industries that could disrupt the U.S. supply chain, is an issue “of both concern for economic security as well as our national security.” 

The subpoenas come just a day before Secretary of State Antony Blinken and national security adviser Jake Sullivan will meet with their Chinese counterparts in Alaska. China’s support for hacks and intellectual property theft are anticipated to be on the agenda at the meeting.