The U.S. and British governments on Monday announced sanctions against a company and two people linked to the Chinese government over a string of malicious cyberactivity targeting the U.K.’s election watchdog and lawmakers in both countries.
Officials said those sanctioned are responsible for a hack that may have gained access to information on tens of millions of U.K. voters held by the Electoral Commission, as well as for cyberespionage targeting lawmakers who have been outspoken about the China threat.
The Foreign Office said the hack of the election registers “has not had an impact on electoral processes, has not affected the rights or access to the democratic process of any individual, nor has it affected electoral registration.”
The Electoral Commission said in August that it identified a breach of its system in October 2022, though it added that “hostile actors” had first been able to access its servers since 2021.
At the time, the watchdog said the data included the names and addresses of registered voters. But it said that much of the information was already in the public domain.
In Washington, the Treasury Department said it sanctioned Wuhan Xiaoruizhi Science and Technology Company Ltd., which it calls a Chinese Ministry of State Security front company that has “served as cover for multiple malicious cyberoperations.”
It named two Chinese nationals, Zhao Guangzong and Ni Gaobin, affiliated with the Wuhan company, for cyberoperations that targeted U.S. critical infrastructure sectors, “directly endangering U.S. national security.”
Zhao, Ni and five other Chinese nationals were hit with federal charges Monday. An indictment brought by federal prosecutors in Brooklyn alleges that the seven men were Chinese intelligence officers who engaged in a yearslong campaign targeting top White House officials, U.S. senators and the spouses of high-ranking members of the Justice Department, among others.
The suspects are accused of sending tracking emails purported to be from prominent U.S. journalists, which contained legitimate news articles from publications like CNN and VOX. The emails also contained embedded hyperlinks that, when opened, would transmit information about the recipients to a server controlled by the suspects, the indictment says.
One of the group’s alleged campaigns took place from June to September 2018 when they sent more than 10,000 messages to a wide range of targets including Democratic and Republican senators from more than 10 states and the spouses of various government administrators including a high-ranking Department of Justice official, high-ranking White House officials and multiple United States senators.
“These allegations pull back the curtain on China’s vast illegal hacking operation that targeted sensitive data from U.S. elected and government officials, journalists and academics; valuable information from American companies; and political dissidents in America and abroad,” U.S. Attorney Breon Peace said in a statement.
Chinese Embassy spokesperson Liu Pengyu said her government “firmly opposes and cracks down on all forms of cyberattacks in accordance with law.”
“Without valid evidence, the U.S. jumped to an unwarranted conclusion and made groundless accusations against China,” Liu added. “It is extremely irresponsible and is a complete distortion of facts.”
Separately, British cybersecurity officials said that Chinese government-affiliated hackers “conducted reconnaissance activity” against British parliamentarians who are critical of Beijing in 2021. They said no parliamentary accounts were successfully compromised.
Three lawmakers, including former Conservative Party leader Iain Duncan Smith, told reporters Monday they have been “subjected to harassment, impersonation and attempted hacking from China for some time.” Duncan Smith said in one example, hackers impersonating him used fake email addresses to write to his contacts.
The politicians are members of the Inter-Parliamentary Alliance on China, an international pressure group focused on countering Beijing’s growing influence and calling out alleged rights abuses by the Chinese government.
Ahead of that announcement, Prime Minister Rishi Sunak reiterated that China is “behaving in an increasingly assertive way abroad” and is “the greatest state-based threat to our economic security.”
“It’s right that we take measures to protect ourselves, which is what we are doing,” he said, without providing details.
China critics including Duncan Smith have long called for Sunak to take a tougher stance on China and label the country a threat — rather than a “challenge” — to the U.K., but the government has refrained from using such critical language.
Responding to the reports, China’s Ministry of Foreign Affairs said countries should base their claims on evidence rather than “smear” others without factual basis.
“Cybersecurity issues should not be politicized,” ministry spokesperson Lin Jian said. “We hope all parties will stop spreading false information, take a responsible attitude, and work together to maintain peace and security in cyberspace.”
Source: NBC News