UK and US accuse China of ‘malicious’ global cyber attacks

26 March 2024, 04:04

China
China. Picture: PA

Officials in Britain and the US on Monday filed charges and imposed sanctions on alleged spies linked to the APT31 hacking group.

The UK and the United States have accused China of a global campaign of “malicious” cyber attacks in an unprecedented joint operation to reveal Beijing’s espionage.

Britain has publicly blamed China for targeting the Electoral Commission watchdog and for being behind a campaign of online “reconnaissance” aimed at the email accounts of MPs and peers.

Chinese spies are likely to use the stolen details to target dissidents and critics of Xi Jinping’s government in the UK, British intelligence services believe.

US officials said the APT31 hacking group spent more than a decade targeting the sensitive data of politicians, journalists, academics, dissidents and American companies.

The “prolific global hacking operation”, backed by the Chinese government, sought to “repress critics of the Chinese regime, compromise government institutions, and steal trade secrets,” US deputy attorney general Lisa Monaco said.

The hackers sent more than 10,000 “malicious” emails to the targets to gain access to personal information, US prosecutors said, adding the criminals threatened to “undermine democracies and threaten our national security”.

The US charged seven of the alleged Chinese hackers on Monday.

The UK said Beijing-linked hackers were behind the attack on the Electoral Commission which exposed the personal data of 40 million voters, as well as 43 individuals including MPs and peers.

A front company, Wuhan Xiaoruizhi Science and Technology Company, and two individuals, Zhao Guangzong and Ni Gaobin, linked to the APT31 hacking group were sanctioned in response to the hacks.

However, some of the MPs targeted by Beijing said the response did not go far enough.

They urged the Government to toughen its stance on China by labelling it a “threat” to national security rather than an “epoch-defining challenge”, and to put China in the “enhanced” tier under the Foreign Influence Registration Scheme.

Conservative former minister Tim Loughton told Sky News: “We’re going to sanction two people, two pretty lowly officials, and one private company, which employs 50 people. That is just not good enough.”

Dowden
Deputy Prime Minister Oliver Dowden telling the Commons Beijing was to blame for a cyberattack on the Electoral Commission (UK Parliament/Andy Bailey/PA)

Deputy Prime Minister Oliver Dowden, who announced the measures in a Commons statement, appeared to suggest China could soon be declared a “threat”.

He told MPs that “we are currently in the process of collective Government agreement” over the matter, and that “clearly the conduct I have described today will have a very strong bearing on the decision that we make”.

Cabinet tensions have reportedly surfaced over the issue, with some ministers pushing for tougher action on Beijing while others are resistant over concerns it could harm economic and trade relations.

Foreign Secretary Lord Cameron said the actions were “completely unacceptable” and he had raised the issue with his Chinese counterpart Wang Yi.

The Chinese ambassador has also been summoned to the Foreign Office to account for his country’s actions.

The Electoral Commission attack was identified in October 2022 but the hackers had been able to access the commission’s systems containing the details of tens of millions of voters for more than a year by that point.

The registers held at the time of the cyber attack include the name and address of anyone in the UK who was registered to vote between 2014 and 2022, as well as the names of those registered as overseas voters.

The National Cyber Security Centre (NCSC), part of GCHQ, said it was likely that Chinese state-affiliated hackers stole emails and data from the electoral register.

This, in combination with other data sources, was highly likely to have been used by Beijing’s intelligence services for large-scale espionage and transnational repression of perceived dissidents and critics based in the UK.

There is no suggestion the hack had any impact on the largely paper-based UK electoral system.

Mr Dowden insisted the local elections in May and the general election later this year would be safe from Chinese cyber attacks.

He told the PA news agency: “Yes, I can guarantee that our electoral processes will be safe and secure.”

The UK acted with support from allies in the Five Eyes intelligence-sharing partnership, which also includes the US, Canada, Australia and New Zealand, in identifying the Chinese-linked cyber campaigns.

On Tuesday, New Zealand alleged hackers linked to the Chinese government launched a state-sponsored operation that targeted the country’s parliament in 2021.

Minister responsible for the Government Communications Security Bureau (GCSB), Judith Collins, said in a statement: “The GCSB’s National Cyber Security Centre (NCSC) completed a robust technical assessment following a compromise of the Parliamentary Counsel Office and the Parliamentary Service in 2021, and has attributed this activity to a PRC (China) state-sponsored group known as APT40.

“Fortunately, in this instance, the NCSC worked with the impacted organisations to contain the activity and remove the actor shortly after they were able to access the network.”

She added New Zealand will not follow the UK and US in sanctioning China as the country does not have a law allowing such penalties.

The Chinese government strongly denied that it had carried out, supported or encouraged cyber attacks on the UK, describing the claims as “completely fabricated and malicious slanders”.

A spokesperson for China’s embassy in London said: “China has always firmly fought all forms of cyber attacks according to law.

“China does not encourage, support or condone cyber attacks.

“At the same time, we oppose the politicisation of cyber security issues and the baseless denigration of other countries without factual evidence.

“We urge the relevant parties to stop spreading false information and stop their self-staged, anti-China political farce.”

By Press Association

More Technology News

See more More Technology News

AI study

Action needed to protect election from AI disinformation, study says

Dr Laura Cinti looks up at an E.woodii plant growing in a glasshouse at Kew Gardens

AI enlisted in the hunt for female partner for lonely ancient plant

A mobile phone next to a telecoms mast near Dundry, Somerset

Pace required to hit targets on rural mobile signal unsustainable, report says

A NatWest sign

NatWest apologises to customers after mobile and online banking suffer outages

Greg Clark

AI regulators in UK are ‘under-resourced’, warns science committee chairman

Openreach engineer

Plans to build full fibre broadband in more than 500 new places unveiled

TikTok strategy

Tory TikTok launch ‘pathetic’ compared with Labour’s ‘savvier’ approach – expert

Person using laptop

More than 300 million children a year face sexual abuse online, study suggests

There are calls for mobile phones to be totally banned for under 16s

Calls for mobile phones to be totally banned for under 16s

A young girl using a mobile phone (picture posed by model)

Next government should consider banning phones for under-16s, report says

Sir Chris Bryant

AI should be used to develop an app which detects skin cancer, Labour MP says

Handout image from Microsoft of its Copilot virtual assistant displayed on a laptop screen

Microsoft expanding Copilot AI assistant to organise meetings and support teams

Solar panels on a house roof

Octopus Energy launches ‘buy now, pay later’ for solar panels

Raspberry Pi

Raspberry Pi set for June IPO in welcome boost for London market

A person using a laptop

Nations agree to develop shared risk thresholds for AI as Seoul summit closes

Microsoft new equiment

Data regulator looking into Microsoft’s AI Recall feature