US and UK announce sanctions over China-linked hacks on officials, lawmakers and election watchdog
LONDON — The U.S. and British governments on Monday announced sanctions against a company and two individuals linked to the Chinese government over a string of malicious cyberactivity , detailing a yearslong state-backed operation that targeted officials, lawmakers and the U.K.'s election watchdog.
British officials said those sanctioned are responsible for a hack that may have gained access to information on tens of millions of U.K. voters held by the Electoral Commission, as well as for cyberespionage targeting lawmakers who have been outspoken about threats from China.
The Foreign Office said the hack of the election registers “has not had an impact on electoral processes, has not affected the rights or access to the democratic process of any individual, nor has it affected electoral registration.”
The Electoral Commission said in August that “hostile actors” had gained access to its servers from around 2021 to 2022.
At the time, the watchdog said the data included the names and addresses of registered voters. But it said that much of the information was already in the public domain.
In Washington, the Treasury Department said it sanctioned Wuhan Xiaoruizhi Science and Technology Company Ltd., which it calls a Chinese Ministry of State Security front company that has “served as cover for multiple malicious cyberoperations.”
It named two Chinese nationals, Zhao Guangzong and Ni Gaobin, affiliated with the Wuhan company, for cyberoperations that targeted U.S. critical infrastructure sectors including defense, aerospace and energy.
U.S. and British authorities said the two sanctioned individuals were involved in the operations of the Chinese cyber group APT31 — an abbreviation for “advanced persistent threat.” The group is also known as Zirconium or Hurricane Panda.
APT31 has previously been accused of targeting U.S. presidential campaigns and the information systems of Finland’s parliament , among others.
The U.S. Justice Department charged Zhao, Ni, and five other hackers with conspiracy to commit computer intrusions and wire fraud. It said they were part of a 14-year long cyber operation “targeting U.S. and foreign critics, businesses, and political officials.”
U.S. officials said the seven hackers and others in the APT31 group targeted thousands of U.S. and foreign individuals and companies, including staff in the White House, Treasury, Justice and State Departments, and politicians of both main political parties as well as their spouses.
“Today’s announcements underscore the need to remain vigilant to cybersecurity threats and the potential for cyber-enabled foreign malign influence efforts, especially as we approach the 2024 election cycle," Assistant Attorney General Matthew G. Olsen said.
British cybersecurity officials also said that APT31 hackers “conducted reconnaissance activity” against British parliamentarians who were critical of Beijing in 2021. They said no parliamentary accounts were successfully compromised.
Three lawmakers, including former Conservative Party leader Iain Duncan Smith, told reporters Monday they have been "subjected to harassment, impersonation and attempted hacking from China for some time.” Duncan Smith said in one example, hackers impersonating him used fake email addresses to write to his contacts.
The politicians are members of the Inter-Parliamentary Alliance on China, an international pressure group focused on countering Beijing's growing influence and calling out alleged rights abuses by the Chinese government.
Britain’s Deputy Prime Minister Oliver Dowden said his government will summon China’s ambassador to account for its actions.
China’s Ministry of Foreign Affairs said ahead of the announcement that countries should base their claims on evidence rather than “smear” others without factual basis.
“Cybersecurity issues should not be politicized,” ministry spokesperson Lin Jian said. “We hope all parties will stop spreading false information, take a responsible attitude, and work together to maintain peace and security in cyberspace.”
British Prime Minister Rishi Sunak reiterated that China is “behaving in an increasingly assertive way abroad” and is “the greatest state-based threat to our economic security.”
“It’s right that we take measures to protect ourselves, which is what we are doing," he said, without providing details.
China critics including Duncan Smith have long called for Sunak to take a tougher stance on China and label the country a threat — rather than a “challenge” — to the U.K., but the government has refrained from using such critical language.