Washington, DC, September 10: The House Select Committee on the Chinese Communist Party (SCCCP) has issued a stark warning about a series of highly targeted cyber-espionage campaigns allegedly backed by Beijing. The Committee said the attacks were designed to compromise U.S. government agencies, trade policy experts, and organizations involved in high-level U.S.-China negotiations.
According to the Committee, the campaigns targeted a broad range of entities, including U.S. business organizations, law firms, think tanks, and at least one foreign government, with the goal of influencing U.S. policy deliberations and negotiation strategies to give China a strategic advantage.
In recent weeks, suspected Chinese cyberattackers reportedly impersonated SCCCP Chairman John Moolenaar in emails to trusted contacts. These emails contained files and links that, if opened, would have allowed attackers to infiltrate victims’ systems and extract sensitive information during ongoing high-level U.S.-China trade engagements.
The Committee concluded that the perpetrators leveraged software and cloud services to mask their activities, a tactic widely recognized as a hallmark of state-sponsored cyber operations.
“This is another example of China’s offensive cyber operations designed to steal American strategy and leverage it against Congress, the Administration, and the American people,” Chairman Moolenaar said. “We will not be intimidated, and we will continue our work to keep America safe.”
The latest revelations follow a January 2025 spear-phishing campaign that targeted four SCCCP staff members working on a confidential investigation into ZPMC, a major Chinese state-owned enterprise and manufacturer. In that case, cyberattackers posed as a ZPMC North America representative, using a deceptive file-sharing tactic to lure staffers to a malicious web page designed to steal Microsoft 365 login credentials without deploying malware.
Committee investigators said the timing, sophistication, and targets of these campaigns indicate they are part of a broader CCP-backed espionage effort. Their analysis showed that attackers used advanced developer tools to create concealed access points within systems and covertly transfer data to their own servers.
The SCCCP confirmed it has shared its findings with the FBI and U.S. Capitol Police and will continue to provide threat indicators to federal authorities and affected organizations. The Committee pledged full support for any defensive or investigative actions needed to safeguard U.S. national security interests.
About The Author
