Unlock the Publisher’s Digest for free
Roula Khalaf, editor of the FT, selects her favorite stories in this weekly newsletter.
The United States and the United Kingdom have unveiled sweeping measures against Chinese government-backed hackers, claiming they have carried out widespread cyberattacks against targets in Washington and Westminster.
The US Justice Department on Monday indicted seven Chinese citizens it believes were members of APT31, a Wuhan-based hacking group run by China’s main spy service.
The indictment alleges that the group sent more than 10,000 “malicious” emails with hidden tracking links to federal government officials, companies “of national economic importance,” including defense, and Capitol Hill.
The campaign lasted years and targets included international critics of the Chinese government, including 43 British MPs, the DoJ said.
The UK said Chinese hackers were behind two malicious cyber campaigns against Britain’s election watchdog and MPs, with the government announcing sanctions in response. Iain Duncan Smith, former leader of the Conservative Party, was among the targets, UK said.
The US and UK interventions come against a backdrop of geopolitical and trade tensions with Beijing, with Prime Minister Rishi Sunak warning on Monday that an “increasingly assertive” China would be an “epochal challenge”.
The US indictment follows an executive order signed last month by President Joe Biden to defend US ports from Chinese cyberattacks and after FBI Director Christopher Wray told the Financial Times that the US was ‘focused’ on the Chinese cyber threat.
The United States “will not tolerate the Chinese government’s efforts to intimidate Americans who serve the public, to silence dissidents protected by American laws, or to steal from American businesses,” the country’s Attorney General Merrick Garland said Monday.
Liu Pengyu, a spokesman for the Chinese embassy in Washington, said China “firmly opposes and represses all forms of cyber attacks” and called the accusations “baseless.” He added that China has also been a victim of cyber attacks and that “the United States itself is the origin and main perpetrator.”
Oliver Dowden, the UK’s deputy prime minister, said British intelligence had concluded it was “almost certain” that APT31 conducted reconnaissance activities against British MPs during a separate campaign in 2021.
It is “highly probable” that the group was responsible for the complex attack on the Electoral Commission between 2021 and 2022, Dowden told parliament.
The UK sanctions announced on Monday include asset freezes and travel bans on two members of APT31 who, according to the Foreign Office, were “operating on behalf of China’s Ministry of State Security” and had been involved in the campaign of cyber espionage.
The UK also blacklisted Wuhan Xiaoruizhi Science and Technology Company Ltd, which it said was associated with APT31 and operated on behalf of the Chinese MSS as part of Beijing’s “state-sponsored apparatus”.
Foreign Secretary Lord David Cameron said it was “completely unacceptable that organizations and individuals affiliated with the Chinese state have targeted our democratic institutions and political processes.” Cameron said he had raised the issue directly with Chinese Foreign Minister Wang Yi.
The Chinese Embassy in London said: “China’s so-called cyber attacks against the UK are completely fabricated and are malicious slander. We strongly oppose such accusations.”
The US and UK interventions came after Belgium’s cybersecurity agency named APT31 as the culprit in an attack on a prominent Belgian politician in March 2023.
The alleged breach of Election Commission systems by Beijing-linked actors echoes China’s attempts to amass other large-scale data sets.
Ministers first announced in August 2023 that hackers had obtained the names and addresses of tens of millions of British voters in a breach of the electoral regulator’s systems that began in August 2021 but was only detected in October 2022. They had not previously attributed responsibility for the campaign.
Reforms to the UK’s espionage laws that are making their way through parliament and have been called for by Britain’s intelligence agencies have been partly informed by these latest malicious cyber campaigns.
The National Center for Cyber Security on Monday published updated cyber guidance on defending democracy for political organizations and bodies that coordinate the conduct of elections.