Over the years, Chinese state-backed hackers have stolen vast amounts of corporate secrets, political intelligence and the personal information of millions of people. U.S. and British officials on Monday expanded a long list of hacking accusations, claiming China was responsible for breaching Britain’s election watchdog and gaining access to the data of 40 million people. The two countries have also filed a series of criminal charges and sanctions against a separate Chinese group following years of hacking attacks.
In August last year, the UK Electoral Commission revealed that “hostile actors” had infiltrated its systems in August 2021 and had the potential to access sensitive data for 14 months until being removed in October 2022. Deputy Prime Minister Oliver Dowden told lawmakers on Monday that a Chinese state-backed group was responsible for the attack. Additionally, Dowden said British intelligence has identified the Chinese hacker group APT31 as targeting the email accounts of politicians in 2021.
Dowden said in the British House of Commons: “This is the latest example of clearly malicious cyber activity by Chinese state-owned organizations and individuals targeting democratic institutions and parliamentarians in the UK and elsewhere.” At the same time, the UK has charged two individuals related to APT31 and One company imposed sanctions.
In addition to the UK’s announcement on Monday, the U.S. Department of Justice and Treasury Department’s Office of Foreign Assets Control also announced further actions against APT31, also known as Violet Typhoon, Bronze Goodwood and Trial Panda, including charges Seven Chinese nationals conspired to commit computer intrusion and wire fraud.
The U.S. Department of Justice alleges that the hacking group, which is linked to China’s Ministry of State Security (MSS) spy agency, has been conducting a wide-ranging espionage campaign targeting thousands of critics, businesses and political entities around the world for 14 years. This included posing as a journalist and sending over 10,000 malicious emails that tracked recipients, compromising email accounts, cloud storage accounts, phone call records, home routers, and more. The Justice Department said the spouse of a senior White House official and the spouses of multiple U.S. senators were also targeted.
“These charges unravel the truth about China’s massive illegal hacking campaign targeting sensitive data of U.S. elected and government officials, journalists and academics; valuable information from U.S. companies; and political dissidents in the U.S. and abroad,” Eastern District of New York U.S. Attorney Breon Peace said in a statement. “Their nefarious schemes victimized thousands of people and entities around the world and continued for more than a decade.”
The moves come amid growing warnings that China-related espionage will increase as more than 100 countries hold major elections this year. The officials’ statement focused on the hacking’s impact on the democratic process, including compromises targeting elected officials around the world and pro-democracy activists and lawmakers in Hong Kong. However, the revelations also coincide with ongoing debate among Western politicians over pro- or anti-China stances, including a proposed sale of TikTok to a U.S. company that could lead to a ban on the popular app.