by The United Kingdom and the United States have accused China of a global campaign of “malicious” cyber attacks in an unprecedented joint operation to expose Beijing’s espionage.
Britain has publicly accused China of targeting Electoral Commission surveillance and being behind an online “exploration” campaign targeting the email accounts of MPs and peers.
Chinese spies are likely to use the stolen data to target dissidents and critics of Xi Jinping’s government in the UK, according to British intelligence services.
US officials said the APT31 hacking group spent more than a decade targeting the sensitive data of American politicians, journalists, academics, dissidents and companies.
The “prolific global hacking operation”, backed by the Chinese government, sought to “suppress critics of the Chinese regime, compromise government institutions, and steal trade secrets,” US deputy attorney general Lisa Monaco said. .
The hackers sent more than 10,000 “malicious” emails to the targets to gain access to personal information, US prosecutors said, adding the criminals threatened to “undermine democracies and threaten our national security”.
The United States charged seven of the alleged Chinese hackers on Monday.
Seven Hackers Linked to the Chinese Government Charged with Computer Hacks Targeting China’s Mindful Hackers and US Businesses and Politicians https://t.co/nL5Wuh7mev
— US Attorney EDNY (@EDNYnews) March 25, 2024
The UK said Beijing-linked hackers were behind the attack on the Electoral Commission which exposed the personal details of 40 million voters, as well as 43 individuals including MPs and peers.
A front company, Wuhan Xiaoruizhi Science and Technology Company, and two people, Zhao Guangzong and Ni Gaobin, linked to the hacking group APT31 were sanctioned in response to the hacks.
However, some MPs targeted by Beijing said the response did not go far enough.
They urged the Government to strengthen its position on China by labeling it a “threat” to national security rather than an “era-defining challenge”, and to place China in the “improved” tier under the Foreign Influence Registration Scheme.
Former Conservative minister Tim Loughton told Sky News: “We’re going to allow two, two fairly low-level officials, and one private company, which employs 50 people. That’s not good enough.”
Deputy Prime Minister Oliver Dowden, who announced the measures in a statement from the Deputy, seemed to understand that China could be declared a “threat” soon.
He told MPs that “we are currently in the process of a Government agreement” on the matter, and “clearly the behavior I have described today will have a very strong impact on the decision we make”.
Cabinet tensions have reportedly surfaced over the issue, with some ministers pushing for tougher action on Beijing and others resisting concerns it could damage economic and trade relations.
Foreign Secretary Lord Cameron said the actions were “totally unacceptable” and raised the issue with his Chinese counterpart Wang Yi.
The Chinese ambassador was also sent to the Foreign Office to account for his country’s actions.
Hostile actors were active in our systems and had access to servers that held our email, our control systems, and copies of the electoral registers. We have since worked with outside security experts and the National Cyber Security Center to investigate and secure our systems.
— Electoral Commission (@ElectoralCommUK) August 8, 2023
The Electoral Commission attack was identified in October 2022 but the hackers were able to access the commission’s systems containing the data of tens of millions of voters for more than a year by that point.
The registers held at the time of the cyber attack include the name and address of anyone in the UK who was registered to vote between 2014 and 2022, as well as the names of those registered as overseas voters.
The National Cyber Security Center (NCSC), part of GCHQ, said it was likely that Chinese state-affiliated hackers stole emails and data from the election program.
It was highly likely that Beijing’s intelligence services used this, in combination with other sources of data, to carry out large-scale espionage and transnational repression of perceived dissidents and critics based in the UK.
There is no suggestion that the hack has had any impact on the UK’s largely paper-based electoral system.
Mr Dowden insisted the local elections in May and the general election later this year would be safe from Chinese cyber attacks.
He told the PA news agency: “Yes, I can guarantee that our election processes will be safe and secure.”
The UK acted with the support of allies in the Five Eyes intelligence-sharing partnership, which also includes the United States, Canada, Australia and New Zealand, to identify cyber campaigns linked to the Chinese.
The Chinese government has strongly denied that it has carried out, supported or encouraged cyber-attacks on the UK, describing the claims as “completely fabricated and malicious”.
A spokesman for the Chinese embassy in London said: “China has always firmly fought all forms of cyber-attacks in accordance with the law.
“China does not encourage, support or condone cyber attacks.
“At the same time, we oppose the politicization of cyber security issues and the baseless questioning of other countries without factual evidence.
“We call on the relevant parties to stop spreading false information and stop their self-righteous, anti-China political whistling.”
