Business News

US, Britain accuse China of cyberespionage campaign


The United States and Britain imposed sanctions on China’s elite hacking units on Monday, accusing Beijing’s main spy agency of working for years to introduce malware into power grids , US defense systems and other critical infrastructure, and stealing the electoral rolls of 40 million British citizens. .

Taken together, the actions on both sides of the Atlantic underscored the escalating cyber conflict between Western allies and Beijing, in very different areas.

U.S. intelligence agencies have warned that malware discovered in U.S. infrastructure appeared to be intended for use if the United States came to the aid of Taiwan. The theory is that Americans would be too concerned about their own electricity, food and water supplies to help a distant island that Beijing claims as its own.

Separately, the Justice Department has indicted Chinese hackers for what Attorney General Merrick B. Garland called a 14-year effort to “target and intimidate” critics of Beijing around the world.

The motive for the British intrusion was more mysterious. This attack involved the theft of voter registration data – primarily the names and addresses – of tens of millions of people, as well as an attempted hack into MPs’ accounts. Britain revealed voter hacking long ago, but never clarified who was responsible.

On Monday, he announced sanctions against the same state-led group involved in US hacking, a harsh rebuke that underlined the hardening of Britain’s stance towards China since British leaders announced a “Golden age» in relations between the countries almost ten years ago.

Deputy Prime Minister Oliver Dowden announced sanctions against two individuals and a company, which he said targeted Britain’s election watchdog and lawmakers. The Foreign Ministry summoned the Chinese ambassador for a diplomatic review. But there is no indication that the hackers attempted to manipulate votes or change registration data, suggesting they were simply testing their ability to steal vast databases of information.

“This is the latest in a clear series of hostile activities originating from China,” Mr Dowden told Parliament. “Part of our defense is to call out this behavior.”

This alone constitutes a change: under the Obama administration, the United States was reluctant to identify China as the source of a hack of the Office of Personnel Management, which lost more than 22 million clearance files security measures on U.S. officials and contractors who handled everything from nuclear operations to trade negotiations. And Britain, which sought to increase trade with China after Brexit, was just as reluctant.

But today, the United States is increasingly aware of the dangers. Cabinet secretaries and intelligence chiefs began testifying publicly before Congress about an operation called Volt Typhoon, a threat that has concerned President Biden and his team for over a year, as they sought to clean up Chinese code from critical systems.

And increasingly, the United States is coordinating with Britain, Canada, Australia and other allies to confront China’s hacking, fearing that the growing pace of activity will relatively little attention as leaders are consumed by the war in Ukraine and over the past six months. month, the Israel-Hamas conflict.

Military and intelligence officials said Republicans’ reluctance to provide new funds to Ukraine to push back against Russia could encourage Chinese leaders to think that fueling isolationism in the United States would require little effort. .

On Monday, a spokesperson for the Chinese Foreign Ministry, Lin Jian, described British reports of Chinese computer hacks as “fake news”.

“When investigating and determining the nature of cyber incidents, there must be adequate objective evidence,” Lin said, “without defaming other countries without factual basis, let alone politicizing cybersecurity issues.”

In announcing the sanctions, the Treasury Department described state-sponsored malicious cyber actors as “one of the most significant and persistent threats to United States national security.”

But curiously, Mr. Biden has never spoken at length about the issue in public — perhaps for fear of causing panic or being accused of exploiting the threat in an election year. Instead, the Department of Homeland Security, the FBI and the National Security Agency have issued specific warnings to companies about what to look for in their systems.

The sanctions were unveiled as the Justice Department announced charges against seven Chinese nationals accused of conspiring to commit computer intrusions and wire fraud.

The hackers were part of a group known as Advanced Persistent Threat 31, or APT31, which has targeted U.S. businesses, government and political officials, candidates and campaign staff for 14 years.

“This case is a reminder of the lengths to which the Chinese government is willing to go to target and intimidate its critics, including launching malicious cyber operations aimed at threatening the national security of the United States and our allies,” Mr. Garland said in a statement. communicated. A declaration.

According to the Justice Department, hackers deployed more than 10,000 emails containing hidden tracking links that could, if opened, compromise a recipient’s electronic device. Their operation targeted a Justice Department official, senior White House officials and several US senators.

The Treasury Department added Wuhan Xiaoruizhi Science and Technology Company to its sanctions list and described it as a “front company” for China’s Ministry of State Security, which ran the cyberespionage operation. The ministry has become Beijing’s largest hacking operation, after a major investment by the Chinese government, according to US intelligence agencies.

The ministry – under the direct control of Chinese leaders – is take over from the People’s Liberation Armywho led most of the espionage attacks against American companies, intended to steal corporate secrets or defense projects.

The sanctions against China come as the Biden administration attempts to stabilize relations with Beijing, seeking areas of cooperation to combat the flow of fentanyl and combat climate change. That effort began to bear fruit with Mr. Biden’s meeting with President Xi Jinping in California late last year, during which he warned Mr. Xi against intrusions into U.S. infrastructure . Chinese authorities have denied any involvement.

Why China would seek the names and addresses of British voters is somewhat puzzling, especially since this information is readily available from data brokers. The Electoral Commission said the names and addresses of everyone registered to vote in Britain and Northern Ireland between 2014 and 2022 had been retrieved, as well as those of overseas voters.

The commission had previously said the data contained in the electoral rolls was limited and noted that much of it was already in the public domain. However, he added that it was possible that the data could be combined with other publicly available information, “such as that which individuals choose to share themselves, to infer patterns of behavior or to identify and profile individuals”.

John Pullinger, chairman of the Electoral Commission, said the hacking incident would not affect how people register, vote or participate in democratic processes. But he added in a statement that this announcement “demonstrates the international threats to the United Kingdom’s democratic process and its institutions” and that the commission remained “vigilant to the risks”.

As well as infiltrating the Electoral Commission, Mr Dowden confirmed that the Chinese had unsuccessfully attempted to hack into the email accounts belonging to several MPs.

Although he did not name the lawmakers, they are likely to be Iain Duncan Smith, former leader of the Conservative Party; Tim Loughton, former Conservative education minister; and Stewart McDonald, a member of the Scottish National Party – all of whom have a history of making hawkish statements towards China.

Mr. Dowden said British officials had determined it was “almost certain” that APT31 had conducted reconnaissance against lawmakers in 2021.

“The majority of those targeted spoke out against China’s malicious activities,” he added. “No parliamentary accounts have been compromised.”

Mr Duncan Smith said China should “immediately be labeled a threat”, which would go beyond the language used. in a review of British foreign policywho said last year that Beijing “poses a systemic and historic challenge.”

The report was provided by Christopher Buckley from Taipei, Taiwan, Alan Rappport from Washington, Karen Zraick from New York and Étienne Castle from London.


Related Articles

Leave a Reply

Your email address will not be published. Required fields are marked *

Back to top button