For years, Chinese state-backed hackers have stolen vast amounts of trade secrets, political intelligence and the personal information of millions of people. On Monday, officials in the United States and Britain added to the long list of hacking allegations, claiming China is responsible for breaching Britain’s election watchdog and gaining access to the data of 40 million people. The countries also issued a series of criminal charges and sanctions against a separate Chinese group following a years-long hacking rampage.
In August last year, the British Electoral Commission revealed “Hostile actors” infiltrated the systems in August 2021 and may have had access to sensitive data for 14 months until they were disabled in October 2022. Deputy Prime Minister Oliver Dowden told lawmakers on Monday that a Chinese state-backed actor was responsible for the attack. Additionally, Dowden said, British intelligence agencies determined that the Chinese hacking group APT31 targeted politicians’ email accounts in 2021.
“This is the latest in a clear pattern of malicious cyber activity by Chinese state-linked organizations and individuals targeting democratic institutions and parliamentarians in Britain and beyond,” Dowden said in the House of Commons. The revelations were accompanied by Britain imposing sanctions on two individuals and one company linked to APT31.
In addition to Britain’s announcement on Monday, the US Department of Justice and the Treasury Department’s Office of Foreign Assets Control unveiled further action against APT31, also known as Violet Typhoon, Bronze Vinewood and Judgment Panda, including charging seven Chinese subjects of the conspiracy to commit computer burglaries and wire fraud.
The DOJ alleges that the hacking group, which is linked to the spy agency of China’s Ministry of State Security (MSS), has targeted thousands of critics, companies and political entities around the world in widespread espionage campaigns for 14 years. This includes impersonating journalists to send more than 10,000 malicious emails that trace recipients, compromising email accounts, cloud storage accounts, phone call records, home routers, and more. The spouses of a senior White House official and those of several U.S. senators were also targeted, the DOJ said say.
“These allegations pull back the curtain on China’s massive illegal hacking operation that targeted sensitive data of U.S. elected and government officials, journalists and academics; valuable information from American companies; and political dissidents in America and abroad,” Breon Peace, a U.S. attorney for the Eastern District of New York, said in a statement. “Their sinister plan has victimized thousands of people and entities around the world and lasted more than a decade.”
These steps come as countries increasingly warn about a increase connected in China espionage, during a year in which more than a hundred countries will organize major elections. Statements from officials focus on the impact of the hacking activities on democratic processes, including targeting elected officials around the world and compromising pro-democracy activists and lawmakers in Hong Kong. However, the revelations also coincide with the continued pushback from Western politicians about pro- or anti-China positionsincluding the proposed sale of TikTok to a US company, which could result in a ban on the popular app if the sale does not go through.