China issues ‘strong’ complaint over Western hacking claims
China insisted it ‘opposes and cracks down on all forms of cyberatacks’ and accused the US of using the Fiveeyes spying alliance ‘to compile, disseminate false information about threats from Chinese hackers’
China said it had issued a “strong” rebuke to the United States ater Washington and two key allies accused Beijing of being behind a series of hacks into lawmakers and key democratic institutions.
In rare and detailed public accusations against China - the United States, Britain and New Zealand described a series of cyber breaches over the last decade or more in what appeared to be a concerted effort to hold Beijing accountable.
In response, China insisted it “opposes and cracks down on all forms of cyberatacks” and accused the United States of using the Fiveeyes spying alliance “to compile and disseminate false information about threats from Chinese hackers.”
“China firmly opposes this, has made strong demarches with the United States and relevant parties,” foreign ministry spokesperson Lin Jian said.
Beijing, he warned, “will take necessary measures to safeguard China’s legitimate rights and interests.” Washington’s accusation on Monday detailed what it called a 14-year “prolific global hacking operation” designed to aid China’s “economic espionage and foreign intelligence objectives.”
Deputy Atorney General Lisa Monaco on Monday said the campaign involved more than 10,000 emails being sent, targeting US and foreign-based businesses, politicians, candidates for elected office and journalists.
Washington said a unit, dubbed APT31, was behind the atacks, describing it as a “cyberespionage programme” run by China’s powerful Ministry of State Security out of the central city of Wuhan.
It charged seven alleged hackers for their roles in gaining access to “email accounts, cloud storage accounts, and telephone call records,” the Justice Department said, monitoring some accounts for “years.”
Hours later, London said that from 2021-2022 the same APT31 group had targeted UK lawmakers’ accounts, including many who were critical of Beijing’s policies.
With Britain expected to hold a general election within months, UK Deputy Prime Minister Oliver Dowden also made a shock announcement that “a Chinese state-affiliated entity” had likely “compromised” the country’s
Electoral Commission.
He said that both campaigns against lawmakers and the Electoral Office, while a “real and serious threat”, were ultimately thwarted.
“It will not impact how people register, vote or otherwise participate in democratic processes,” Dowden said.
Two individuals and one company linked to APT31 have been hit with UK sanctions.
Britain said later Tuesday it had summoned China’s top envoy in London to condemn the series of cyber-atacks blamed on Beijing-linked hackers.
The Foreign Commonwealth and Development Office (FCDO) in London said in a statement that “the UK government would not tolerate such threatening activity.”
“Thefcdosetoutthegovernment’sunequivocal condemnation of Chinese state-affiliated organisations and individuals undertaking malicious cyber activity against UK democratic institutions and parliamentarians,” the statement read.
In its own announcement, New Zealand on Tuesday said its Parliamentary Counsel Office, which drats and publishes laws, had been compromised around the same period.
New Zealand, normally one of China’s strongest backers in the West, blamed the Chinese “state-sponsored group” APT40 for the atack.
Recently elected centre-right Prime Minister Christopher Luxon admited it was a “big step” to blame the cyber atack on China, his country’s biggest trade partner.
New Zealand Foreign Minister Winston Peters said he had instructed diplomats to “speak today to the Chinese Ambassador, to lay out our position and express our concerns.”
“That conversation has now taken place,” he said.
In recent years, Western nations have been increasingly willing to expose malicious cyber operations, and to point fingers at foreign governments - most notably China, Russia, North Korea and Iran.
Both Russia and China have been accused of using cutouts and off-site groups to carry out cyberatacks, making atribution more difficult.