The UK has accused Chinese hackers of trying to break into email accounts of UK parliamentarians who are critical of China and says a separate Chinese entity is behind a hack of its electoral watchdog that compromised millions of people’s data.
In response to the attempted hack in 2021 of emails belonging to UK politicians who are critical of China, the UK imposed sanctions on two people and one company linked to state-backed Chinese hacking group APT31.
The UK also said an unidentified Chinese state-affiliated hacking group was behind a separate 2021-2022 cyber-attack on the UK’s Electoral Commission.
That hack was disclosed last year but the UK had not previously said who was responsible.
New Zealand has also reported a Chinese government-backed cyberattack on its parliament and MPs, the first time Kiwi intelligence agencies have pinned Beijing for trying to compromise its democratic institutions.
However, unlike similar attacks made public by the UK and US overnight, the government has no plans to retaliate beyond disclosing the incident.
Following news of the UK attack, deputy prime minister Oliver Dowden told parliament the attacks “demonstrate a clear and persistent pattern of behaviour that signals hostile intent from China,” adding the foreign office had summoned the Chinese ambassador to explain.
The Chinese embassy in London said the claims were ”completely fabricated” and “malicious slanders”.
Australian and NZ ministers condemned China for its cyberattacks aimed at the UK, which appear to be the most serious aired in the past 24 hours.
“This behaviour is unacceptable and must stop,” foreign affairs minister Penny Wong said.
Speaking at the Australian Cyber Conference in Canberra, the nation’s cyber affairs and critical technology ambassador Brendan Dowling said it is vital countries confront threats head-on.
“Targeting democratic processes of democratic bodies or members of parliament is a red line in cyberspace,” Dowling said. “This is something that we have been clear that the international community has been clear is unacceptable.
“This morning, we’ve called on China’s bad actors to stop targeting of democratic institutions. This is at the heart of how our nation functions. It is something that we consider sacrosanct in the cyber realm.”
Dan Lomas, an intelligence and security analyst at the University of Nottingham, said the UK’s decision to call China out publicly showed the government was willing to challenge officials in Beijing.
It is “unlikely that sanctions and harsh words will significantly alter trade between the UK and China,” he said.
“But we are going to see a war of words.”
The UK government is attempting to strike a delicate balance between trying to neutralise security threats posed by China while maintaining or even enhancing engagement in some areas such as trade, investment and climate change.
But there has been growing anxiety about the Chinese government’s alleged espionage activity in the UK, particularly ahead of a general election expected later this year.
Last month, security officials told Reuters that the US government had launched an operation to fight a pervasive Chinese hacking operation that compromised thousands of internet-connected devices.
Days later, Dutch intelligence agencies said Chinese cyberspies had gained access to a military network in the Netherlands in what they said was a trend of Chinese political espionage.
APT31, the Chinese hacking group the UK claims was behind the targeting of MPs’ emails, has a history of spying on politicians and their staff.
In 2020, security researchers at Google and Microsoft warned that the group had targeted the personal emails of campaign staff working for US president Joe Biden.
According to US cybersecurity firm Secureworks, APT31 has also targeted legal, consulting and software development firms.
The UK has spent the last year trying to improve ties with China after the relationship sunk to its lowest point in decades under former prime minister Boris Johnson, when the UK restricted some Chinese investment over national security worries and expressed concern over a crackdown on freedoms in Hong Kong.
Meanwhile, New Zealand prime minister Chris Luxon said airing publicly what happened was a first for the country and “a very big first step”.
“We’re calling out where we see malicious cyber activity from any state that attacks our democratic institutions,” he said.
On Tuesday morning, Judith Collins, the minister responsible for NZ’s intelligence agencies, revealed an August 2021 attack by APT40, a cyberespionage outfit based in China’s Hainan province.
The group targeted the parliament’s law writers — the counsel office — and the parliamentary service, including MPs.
Intelligence agency Government Communications Security Bureau (GCSB) director general Andrew Clark said APT40 retrieved some data in the attack but not “sensitive or strategic” information.
“Analysis of the tactics and techniques used by the actor enabled us to confidently link the actor to (China) … reinforced by analysis from international partners of similar events in their own jurisdictions,” he said.
Clark said it was the first time they believed China had tried to attack a New Zealand government agency, and Kiwi officials subdued the threat quickly.
Luxon said NZ would not escalate the matter, and making the incidents public was the appropriate step.
“Putting sunlight on it and calling it out is actually a very good thing,” he said.
China is yet to respond to the matter.
Luxon said it did not change his thinking on how NZ would interact with China, nor would it derail trips by the trade minister, the foreign minister and himself in the coming months.
“We’ve been very clear-eyed about our approach in managing the relationship with China,” Luxon said.
“We’ve got a long-standing complex relationship with China.
“We collaborate and cooperate where we can on issues around trade and on climate, but obviously we also have differences and we call those out consistently.
“We have a very constructive relationship about developing trade on a range of other issues and we’ll continue to do that.”
Collins said despite the attack, China remained “a very good friend”.
“It is totally unacceptable … our democratic institutions are absolutely sacrosanct to us and we are going to do whatever we can,” she said.
Foreign minister Winston Peters also labelled it unacceptable”, though neither he nor the prime minister raised the issue with Chinese foreign minister Wang Yi on his official visit last week.
Instead, New Zealand’s formal objections were registered by foreign affairs department officials to China’s ambassador in Wellington on Tuesday.
Former prime minister Chris Hipkins, who met president Xi Jinping in 2023, also chose not to raise the matter when he travelled to Beijing.
“We raised a range of uncomfortable issues (but) there will always be more things you can raise,” he said.
Australian Associated Press
READ MORE:
Cybersecurity scholarships to boost workforce and promote diversity
Any feedback or news tips? Here’s where to contact the relevant team.