US and UK Announce Sanctions Over China-Linked Hacks on Election Watchdog and Lawmakers
london — The U.S. and British governments on Monday announced sanctions against a company and two people linked to the Chinese government over a string of malicious cyberactivity targeting the U.K.’s election watchdog and lawmakers in both countries.
Officials said those sanctioned are responsible for a hack that may have gained access to information on tens of millions of U.K. voters held by the Electoral Commission, as well as for cyberespionage targeting lawmakers who have been outspoken about threats from China.
The Foreign Office said the hack of the election registers “has not had an impact on electoral processes, has not affected the rights or access to the democratic process of any individual, nor has it affected electoral registration.”
The Electoral Commission said in August that it identified a breach of its system in October 2022, though it added that “hostile actors” had first been able to access its servers in 2021.
At the time, the watchdog said the data included the names and addresses of registered voters. But it said that much of the information was already in the public domain.
In Washington, the Treasury Department said it sanctioned Wuhan Xiaoruizhi Science and Technology Company Ltd., which it calls a Chinese Ministry of State Security front company that has “served as cover for multiple malicious cyberoperations.”
It named two Chinese nationals, Zhao Guangzong and Ni Gaobin, affiliated with the Wuhan company, for cyberoperations that targeted U.S. critical infrastructure sectors including defense, aerospace and energy.
The U.S. Justice Department charged Zhao, Ni, and five other hackers with conspiracy to commit computer intrusions and wire fraud. It said they were part of a 14-year long cyber operation “targeting U.S. and foreign critics, businesses and political officials.”
“Today’s announcements underscore the need to remain vigilant to cybersecurity threats and the potential for cyber-enabled foreign malign influence efforts, especially as we approach the 2024 election cycle,” Assistant Attorney General Matthew G. Olsen said.
British authorities did not name the company or the two individuals. But they said the two sanctioned individuals were involved in the operations of the Chinese cyber group APT31 — an abbreviation for “advanced persistent threat.” The group is also known as Zirconium or Hurricane Panda.
APT31 has previously been accused of targeting U.S. presidential campaigns and the information systems of Finland’s parliament, among others.
British cybersecurity officials said that Chinese government-affiliated hackers “conducted reconnaissance activity” against British parliamentarians who were critical of Beijing in 2021. They said no parliamentary accounts were successfully compromised.
Three lawmakers, including former Conservative Party leader Iain Duncan Smith, told reporters Monday they have been “subjected to harassment, impersonation and attempted hacking from China for some time.” Duncan Smith said in one example, hackers impersonating him used fake email addresses to write to his contacts.
The politicians are members of the Inter-Parliamentary Alliance on China, an international pressure group focused on countering Beijing’s growing influence and calling out alleged rights abuses by the Chinese government.
Britain’s Deputy Prime Minister Oliver Dowden said his government will summon China’s ambassador to account for its actions.
China’s Ministry of Foreign Affairs said ahead of the announcement that countries should base their claims on evidence rather than “smear” others without factual basis.
“Cybersecurity issues should not be politicized,” ministry spokesperson Lin Jian said. “We hope all parties will stop spreading false information, take a responsible attitude and work together to maintain peace and security in cyberspace.”
British Prime Minister Rishi Sunak reiterated that China is “behaving in an increasingly assertive way abroad” and is “the greatest state-based threat to our economic security.”
“It’s right that we take measures to protect ourselves, which is what we are doing,” he said, without providing details.
China critics including Duncan Smith have long called for Sunak to take a tougher stance on China and label the country a threat — rather than a “challenge” — to the U.K., but the government has refrained from using such critical language.
…