UK hits out at ‘unacceptable’ Chinese-backed cyber attacks on democracy
The UK announced sanctions against individuals and a front company linked to a Chinese hacking group.
Chinese spies are likely to use details stolen by hacking the elections watchdog to target dissidents and critics of Xi Jinping’s government in the UK, British intelligence services believe.
Beijing has been publicly blamed by the UK Government for targeting the Electoral Commission and also being behind a campaign of online “reconnaissance” aimed at the email accounts of MPs and peers.
A front company, Wuhan Xiaoruizhi Science and Technology Company, and two individuals, Zhao Guangzong and Ni Gaobin, linked to the APT31 hacking group have been sanctioned in response to the malicious cyber activity against the parliamentarians.
The Chinese ambassador has also been summoned to the Foreign Office to account for his country’s actions.
Deputy Prime Minister Oliver Dowden, who announced the measures in a Commons statement, said: “The UK will not tolerate malicious cyber activity targeting our democratic institutions.”
The Electoral Commission attack was identified in October 2022 but the hackers had been able to access the commission’s systems containing the details of tens of millions of voters for more than a year by that point.
The registers held at the time of the cyber attack include the name and address of anyone in the UK who was registered to vote between 2014 and 2022, as well as the names of those registered as overseas voters.
The National Cyber Security Centre (NCSC), part of GCHQ, said it was likely that Chinese state-affiliated hackers stole emails and data from the electoral register.
This, in combination with other data sources, was highly likely to have been used by Beijing’s intelligence services for large-scale espionage and transnational repression of perceived dissidents and critics based in the UK.
There is no suggestion the hack had any impact on the largely paper-based UK electoral system.
The separate campaign against MPs and peers in 2021 was almost certainly carried out by APT31, officials said, with the majority of those targeted being prominent critics of the Chinese government.
Parliament’s security department identified and mitigated the cyber campaign before any accounts could be compromised, the NCSC said.
Former Tory leader Sir Iain Duncan Smith, a member of the Inter-parliamentary Alliance on China (Ipac), said critics of the Beijing government “have been subjected to harassment, impersonation and attempted hacking from China for some time”, but MPs would not be “bullied into silence by Beijing”.
“Today’s announcement should mark a watershed moment where the UK takes a stand for values of human rights and the international rules-based system on which we all depend.”
Foreign Secretary Lord Cameron said: “It is completely unacceptable that China state-affiliated organisations and individuals have targeted our democratic institutions and political processes.
“While these attempts to interfere with UK democracy have not been successful, we will remain vigilant and resilient to the threats we face.”
Mr Dowden said: “I hope this statement helps to build wider awareness of how politicians and those involved in our democratic processes around the world are being targeted by state-sponsored cyber operations.”
The Chinese government strongly denied that it had carried out, supported or encouraged cyber attacks on the UK, describing the claims as “completely fabricated and malicious slanders”.
A spokesperson for China’s embassy in London said: “China has always firmly fought all forms of cyber attacks according to law. China does not encourage, support or condone cyber attacks. At the same time, we oppose the politicisation of cyber security issues and the baseless denigration of other countries without factual evidence.
“We urge the relevant parties to stop spreading false information and stop their self-staged, anti-China political farce.”
With local elections in May and a general election later this year, the NCSC has updated advice for political organisations including parties and thinktanks to reduce the risk of cyber attacks.
Home Secretary James Cleverly insisted the upcoming elections were “robust and secure”.
“The targeting of our democratic system is unacceptable and the NCSC will continue to call out cyber actors who pose a threat to the institutions and values that underpin our society.”
The APT31-linked front organisation and individuals will be hit with an asset freeze and travel ban under the sanctions regime.
The announcement increased Tory pressure on Rishi Sunak to take a tougher line on China, including labelling it as a threat to the UK.
On a visit to Barrow on Monday morning, the Prime Minister repeated the language used in the Government’s integrated review of defence and foreign policy: “We’ve been very clear that the situation now is that China is behaving in an increasingly assertive way abroad, authoritarian at home and it represents an epoch-defining challenge, and also the greatest state-based threat to our economic security.”