On Monday, the US authorities sanctioned hackers accused of running the operation. UK sanctions target two persons and a front firm linked to the Chinese ministry of state security-affiliated cyber-espionage organization APT31.
IN SHORT
US and UK sanctions Chinese State-backed Hackers Over ‘Malicious’ Attacks
- The US and UK have announced sanctions against hackers linked to the cyber-espionage group APT31, associated with the Chinese ministry of state security.
- The US alleges that the individuals were working as a front for Beijing, leading to a years-long cyber-attack campaign targeting politicians, journalists, and businesses.
- The operation resulted in compromised emails systems and networks.
- The New Zealand government raised concerns with the Chinese government about its involvement in an attack targeting the country’s parliamentary entities in 2021.
- The US Department of Justice charged Zhao, Ni, and five other hackers with conspiracy to commit computer intrusions and wire fraud.
- The hacking campaign involved sending over 10,000 malicious emails, which contained hidden tracking links that allowed APT 31 to access information about their targets.
- UK officials also added sanctions for a hack that may have gained access to information on tens of millions of UK voters held by the Electoral Commission.
- The Foreign Office stated that the hack of the election registers has not affected electoral processes, rights, or access to the democratic process of any individual.
- British cybersecurity officials said that Chinese government-affiliated hackers “conducted reconnaissance activity” against British parliamentarians who were critical of Beijing in 2021.
The US and UK have announced sanctions against Chinese state-backed hackers over alleged malicious attacks. The UK has imposed sanctions on two individuals and a front company linked to the cyber-espionage group APT31, which is associated with the Chinese ministry of state security. The US alleges the individuals were working as a front for Beijing in an indictment and sanctions announcement. The US and UK accused China of conducting a years-long cyber-attack campaign targeting politicians, journalists, and businesses. The operation saw political dissidents and critics of China targeted by sophisticated phishing campaigns, which resulted in some emails systems and networks being compromised.
On Tuesday, the New Zealand government raised concerns with the Chinese government about its involvement in an attack which targeted the country’s parliamentary entities in 2021. The US treasury’s office of foreign assets control stated that it sanctioned Wuhan Xiaoruizhi Science and Technology Company Ltd, which it calls a front for the Chinese ministry of state security that has “served as cover for multiple malicious cyberoperations”. The US Department of Justice charged Zhao, Ni, and five other hackers with conspiracy to commit computer intrusions and wire fraud. The agency said they were part of a 14-year long cyber operation “targeting US and foreign critics, businesses, and political officials”.
The hacking campaign involved sending over 10,000 malicious emails, which contained hidden tracking links that allowed APT 31 to access information about their targets including locations and IP addresses. The emails targeted government officials around the world who were critical of China’s policies, including White House staff and election campaign workers from both major parties.
UK officials also added sanctions, stating that those sanctioned by the country are responsible for a hack that may have gained access to information on tens of millions of UK voters held by the Electoral Commission, as well as for cyber-espionage targeting lawmakers who have been outspoken about threats from China. The Foreign Office said the hack of the election registers “has not had an impact on electoral processes, has not affected the rights or access to the democratic process of any individual, nor has it affected electoral registration.”
British cybersecurity officials said that Chinese government-affiliated hackers “conducted reconnaissance activity” against British parliamentarians who were critical of Beijing in 2021. They reported that no successful compromise of parliamentary accounts occurred. Three lawmakers, including former Conservative party leader Iain Duncan Smith, told reporters Monday they have been “subjected to harassment, impersonation, and attempted hacking from China for some time”.
China’s foreign affairs ministry said ahead of the announcement that countries should base their claims on evidence rather than “smear” others without factual basis. The ministry spokesperson Lin Jian said that “cybersecurity issues should not be politicized,” and “we hope all parties will stop spreading false information, take a responsible attitude, and work together to maintain peace and security in cyberspace.”