LONDON — The US and UK on Monday accused Chinese state-linked hackers of being behind “malicious” cyber campaigns targeting political figures, in moves expected to stoke tensions with Beijing.
The British government also claimed that hackers linked to China were behind an attack that saw the data of millions of voters accessed.
“I can confirm today that Chinese state-linked actors were responsible for two malicious cyber campaigns targeting our democratic institutions and MPs,” British Deputy Prime Minister Oliver Dowden said in a speech to parliament on Monday.
Dowden attributed a hack of the Electoral Commission, the independent agency tasked with setting standards for how UK elections are conducted, to an actor linked to the Chinese state. The campaigns are said to have taken place between 2021 and 2022.
The attack was detected by the Electoral Commission in October 2022, but was not disclosed until last year. Hackers accessed the names and addresses of anyone in Britain registered to vote between 2014 and 2022, the Electoral Commission said in a 2023 Public Notice.
A spokesman for the Chinese embassy in the UK said claims that China was behind cyber attacks in the UK were “completely fabricated and malicious slander”.
“We strongly oppose such accusations,” the Chinese embassy spokesman told reporters at a press conference on Monday, according to modernize posted on its website. “China has always vigorously fought all forms of cyber attacks in accordance with the law.”
“A clear pattern”
Dowden said the UK believes China is behind the attempted snooping on British lawmakers’ email accounts in the summer of 2021. He blamed the Chinese hacker group APT31 for being behind the attack.
Cybersecurity firm Mandiant, which is owned by Google, describes APT31 as “a Chinese cyber espionage agent focused on obtaining information that can provide the Chinese government and state-owned enterprises with political, economic and military advantages.”
Dowden added that attempts to hack the email accounts of British lawmakers were however “unsuccessful”.
“We now want to be as open as possible with Parliament and the British public,” Dowden said. “This is the latest in a clear pattern of hostile activity coming from China.”
Dowden said the UK had sanctioned two individuals residing in China, as well as an entity linked to APT31.
The US is hitting China
Separately, the US Justice Department unsealed an indictment on Monday that accuses hackers linked to the Chinese state of being behind cyber campaigns targeting US businesses, government officials and politicians.
The Ministry of Justice indicted seven Chinese nationals, Ni Gaobin. Weng Ming? Cheng Feng? Peng Yaowen? Sun Xiaohui? Xiong Wang? and Zhao Guangzong, with conspiracy to commit computer hacking and conspiracy to commit telecommunications fraud for participating in a China-based hacking group that spent 14 years targeting American and foreign critics, businesses and political officials.
These individuals operated as part of the APT31 hacking group, the DOJ said.
“The Department of Justice will not tolerate efforts by the Chinese government to intimidate Americans who serve the public, silence dissenters protected by American law, or steal from American businesses,” Attorney General Merrick B. Garland said in a statement on Monday.
“This case serves as a reminder of the ends to which the Chinese government is willing to target and intimidate its critics, including launching malicious cyber operations aimed at threatening the national security of the United States and our allies,” added Garland.
Geopolitical tensions
The announcements from the UK and US are likely to anger Beijing.
Relations between the UK and China have soured over the years, particularly on the technology front, following actions by the British government aimed at curbing national security risks posed by Chinese technology companies.
“The impact of such a breach on UK-Chinese relations could be profound,” Javvad Malik, chief security awareness advocate at cybersecurity firm KnowBe4, told CNBC on Monday via email.
“It is likely to escalate tensions, leading to diplomatic pressure and possibly lead to retaliation in cyberspace or other areas of bilateral cooperation.”
Malik added that the situation “requires a strong response not only in securing compromised systems and preventing further breaches, but also in strengthening international legal and rules-based systems governing state behavior in cyberspace.”
“To mitigate the consequences and prevent future incidents, it is vital for nations to invest in stronger cybersecurity defenses, international cooperation and capacity building to deter cyber adversaries,” he said.
Some hawkish lawmakers are pushing the UK government to take tougher action against China.
The Inter-Parliamentary Alliance for China, a cross-border group of lawmakers seeking to reform China policy, said Monday in a post on social media platform X that it, along with other members of Parliament, activists and dissidents, had been “subjected to harassment , impersonation and attempted invasion from China for some time.”
“We take this opportunity to emphasize that, although extremely unwanted, our suffering pales in comparison to the Chinese dissidents who risk their lives to oppose the Chinese Communist Party. It is time for them to receive greater support for their host governments.” the team said.
In 2020, for example, the UK government banned Huawei telecommunications equipment from its 5G mobile network, citing spying concerns. Huawei, for its part, denies the allegations and says it will not work with China to spy on Western communications.
Relations between the US and China have also come under considerable strain. American lawmakers recently approved a controversial bill that could lead to TikTok being banned in the US if it doesn’t run afoul of Chinese parent ByteDance.
If the bill becomes law, TikTok would have less than six months to exit ByteDance or be banned from apps and web hosting sites in the US