US and UK accuse Chinese of huge campaign of cyberspying
Sanctions imposed as White House staffers are among the alleged targets
US and UK officials yesterday filed charges, imposed sanctions, and accused Beijing of a sweeping cyber-espionage campaign that allegedly hit millions of people including lawmakers, academics and journalists, and companies including defence contractors.
Authorities on both sides of the Atlantic nicknamed the hacking group Advanced Persistent Threat 31 or “APT31”, calling it an arm of China’s Ministry of State Security.
Officials reeled off a laundry list of targets: White House staffers, US senators, UK parliamentarians, and government officials across the world who criticised Beijing. Defence contractors, dissidents and security companies were also hit, the officials said.
The aim of the global hacking operation was to “repress critics of the Chinese regime, compromise government institutions, and steal trade secrets”, deputy US attorney general Lisa Monaco said in a statement.
Officials in London accused APT31 of hacking UK lawmakers critical of China and said that a second group of Chinese spies was behind the hack of the UK’s electoral watchdog that separately compromised the data of millions more people in the UK.
Chinese diplomats in the UK and the US dismissed the allegations as unwarranted.
Reuters was not immediately able to locate contact information for the seven alleged hackers being charged by the Department of Justice.
The announcements were made as both the UK and the US imposed sanctions on a firm they said was a Ministry of State Security front company tied to the hacking activity.
The US Treasury Department in a statement said the sanctions were on Wuhan Xiaoruizhi Science and Technology, as well as on two Chinese nationals.
“Today’s announcement exposes China’s continuous and brash efforts to undermine our nation’s cybersecurity and target Americans and our innovation,” FBI director Christopher Wray said in a statement.
Tensions over issues relating to cyber-espionage have been rising between Beijing and Washington, as western intelligence agencies have increasingly sounded the alarm on alleged Chinese state-backed hacking activity.
China has also begun in recent years to call out alleged western hacking operations.
For example, last year, the Ministry of State of Security claimed that the US National Security Agency had repeatedly penetrated Chinese telecommunication giant Huawei Technologies.
US prosecutors listed numerous unnamed victims around the globe who had been targeted, but several stand out in the indictment.
In 2020, the Chinese hackers targeted staffers working for a US presidential campaign, prosecutors wrote.
The disclosure matches public reporting at the time by Google that Chinese hackers sent malicious emails to the campaign of current President Joe Biden, but no compromise had been detected.
Another alleged mission involved the hacking of an American firm known for public opinion research in 2018, the same year of a US midterm election.