Chinese state-affiliated hackers [1] [3] [4] [5] [6] [7] [8], specifically the cyber group APT31, targeted UK democratic institutions and parliamentarians in 2021 and 2022.
Description
Former Conservative Party leader Iain Duncan Smith reported incidents of harassment [10], impersonation [10], and attempted hacking from China [10]. The National Cyber Security Centre (NCSC) identified a group infiltrating the UK Electoral Commission’s IT systems [6], compromising data from approximately 40 million individuals. The breach, discovered in October 2022, revealed that hostile actors had accessed servers as far back as 2021, compromising voter names and addresses. The UK government, in collaboration with global allies, formally accused China of orchestrating “malicious” cyber campaigns targeting democratic systems. Deputy Prime Minister Oliver Dowden condemned the attacks as “completely unacceptable,” leading to sanctions against two individuals and a company linked to APT31. The US also charged seven Chinese nationals linked to APT31 with conspiracy to commit computer intrusions [6]. Other countries reported similar cyber targeting by China [8], prompting calls for a tougher stance on Chinese espionage and interference in parliamentary affairs. The Chinese government denied involvement in the cyber-attacks, dismissing the accusations as “false information.” The UK government faced criticism for its response to the attacks, prompting calls for further sanctions and the designation of China as a threat [8]. The NCSC released new ‘Defending Democracy’ guidance to enhance cybersecurity measures against cyber-attacks targeting democratic processes [7]. Attorney General Merrick Garland emphasized that the US Justice Department will not tolerate Chinese government efforts to intimidate Americans [9], silence dissidents [9], or steal from American businesses [9]. Critics have called for tougher action against China [1], with some MPs describing the response as inadequate [1]. The government has been urged to take a more robust and consistent approach to China [1], recognizing the country as a significant threat to national security [1]. US officials have brought criminal cases against Chinese government-affiliated hackers in the past [5], expressing concerns about potential meddling in presidential politics [5]. Despite the indictment unsealed on Monday [5], there is no allegation that the hacking was part of a Chinese government influence operation against the US [5]. Assistant Attorney General Matthew Olsen emphasized the need to remain vigilant against cybersecurity threats and foreign malign influence efforts [5], especially as the 2024 election cycle approaches [5]. The UK government views China as a significant state-based threat to economic security [2].
Conclusion
The cyberattacks by Chinese state-affiliated hackers have had significant impacts on UK democratic institutions and parliamentarians, leading to calls for tougher action against China. The response to these attacks has highlighted the need for enhanced cybersecurity measures and a more robust approach to countering cyber threats. The implications of these cyberattacks extend to future elections and national security considerations, emphasizing the importance of remaining vigilant against foreign malign influence efforts.
References
[1] https://www.independent.co.uk/news/uk/politics/china-cyberattack-hack-electoral-commission-b2518002.html
[2] https://www.euronews.com/next/2024/03/25/china-linked-to-cyber-attack-on-uk-election-watchdog-as-us-and-uk-retaliate-with-sanctions
[3] https://techcrunch.com/2024/03/25/uk-government-electoral-breach-voter-data-china/
[4] https://www.gov.uk/government/news/uk-holds-china-state-affiliated-organisations-and-individuals-responsible-for-malicious-cyber-activity
[5] https://abcnews.go.com/Business/wireStory/us-uk-announce-sanctions-china-linked-hacks-election-108471579
[6] https://www.computerweekly.com/news/366575299/Chinese-hackers-responsible-for-two-malicious-cyber-campaigns-against-UK
[7] https://www.infosecurity-magazine.com/news/uk-blames-china-for-2021-electoral/
[8] https://www.bbc.co.uk/news/uk-politics-68654533
[9] https://apnews.com/article/uk-china-cyberattacks-parliament-election-770e7b00454b63ad424000feecddd0c1
[10] https://www.aljazeera.com/news/2024/3/25/us-uk-sanction-alleged-china-based-hackers-for-targeting-voters-critics
