The Biden administration hit alleged Chinese hackers with sanctions and criminal charges on Monday while the British government accused Beijing of hacking the U.K.’s electoral register to steal the personal details of tens of millions of voters, part of a global push by allies to condemn China’s expanding aggression in cyberspace.
The combined actions are the latest moves by Western governments to add pressure on Chinese President Xi Jinping for what American, British and European security officials have warned is an increasingly alarming worldwide hacking operation attributed to Chinese intelligence agencies.
Through its vast hacker army, Western officials say, China is seeking to not only conduct routine espionage but also preposition hackers in sensitive computer networks in preparation for a potential conflict and to weaken the functioning of democratic systems. The U.S. Treasury Department said it had imposed sanctions on Wuhan Xiaoruizhi Science and Technology, accusing it of posing as a front company for China’s Ministry of State Security to serve as a cover for multiple malicious cyberattacks.
The department also imposed sanctions on two Chinese nationals, Zhao Guangzong and Ni Gaobin, who it said were linked to the Wuhan-based company and had targeted U.S. critical infrastructure. The U.K. issued matching sanctions. The alleged hackers, alongside five other defendants, were also indicted on criminal charges unsealed by the U.S. Justice Department, and the U.S. State Department offered a $10 million reward for information about the group. “The United States will continue its work to disrupt the dangerous and irresponsible actions of cyber actors targeting critical infrastructure,” said Brian Nelson, a senior Treasury Department official.
“Through continued close coordination with our U.K. partners, and a unified, whole-of-government approach, we will protect our citizens from the catastrophic risks these reckless cyber activities pose.” The U.K.’s Electoral Commission last year said hackers had accessed the nation’s voter-registration records— which include the names and addresses of around 40 million people—as well as the commission’s email system and information about political donors.
The hackers accessed the system in 2021 but were detected only in late 2022, the commission said at the time. Britain’s Deputy Prime Minister Oliver Dowden on Monday said an unnamed cyber entity affiliated with the Chinese state orchestrated the hack. The U.K. government also said it was “almost certain” that a Chinese statelinked hacking team known as APT31 also undertook “reconnaissance activity” attempting to hack the emails of a group of British lawmakers who have been critical of Beijing.
APT stands for advanced persistent threat, shorthand for adversaries that are backed by nation-states. APT31 is a well-known group that officials said has been linked to previous attacks on American officials, politicians and campaigns, as well as U.S. economic and defense entities, academics and foreign democracy activists. The group was blamed for unleashing so-called phishing attacks on Biden campaign staffers during the 2020 presidential election, seeking to gain access to their email accounts.
It has also been linked to damaging attacks in recent years on government systems in Norway and Finland and accused of plundering valuable intellectual property from corporate targets. The decision to go public is a reminder of the growing alarm inside Western governments at China’s increasingly brazen cyber strategy. Intelligence chiefs on both sides of the Atlantic have been publicly warning that the Chinese state is running the biggest hacking campaign in the world and that it represents a serious threat to both national security and private businesses.
Of particular concern, officials have said, is what hackers burrowed into sensitive critical-infrastructure networks could do in the event of a serious conflict, such as over Taiwan. U.K. officials aren’t sure what China will do with the data it gleaned from hacking its electoral register.
However, they fear that the electoral data could be merged with other information to better target critics of the Chinese state living
Leave a Reply