Accusations have been made against hackers supported by Chinese government spy agencies by the United States and Britain for executing a prolonged cyberattack campaign aimed at politicians, journalists, and businesses.
The US disclosed that the operation was directed at political dissidents and critics of China through sophisticated phishing campaigns, leading to the compromise of certain email systems and networks.
Sanctions were imposed by the US government on the suspected hackers behind the scheme on Monday. The UK has sanctioned two individuals and a front company associated with APT31, a cyber espionage group connected to China’s Ministry of State Security.
On Tuesday, New Zealand’s government conveyed concerns to the Chinese government regarding its involvement in attacks targeting the country’s parliamentary institutions in 2021.
The US Treasury Department’s Office of Foreign Assets Control announced sanctions against Wuhan Xiaoruizhi Technology Co., described as a front for China’s Ministry of National Security, for being involved in multiple malicious cyber operations.
In a press release and an unsealed indictment, the US government accused China of running an extensive state-sponsored hacking program dating back over a decade. US Attorney General Merrick Garland mentioned that the hacking operation revealed the Chinese government’s intention to target and intimidate its critics.
The Treasury Department identified two Chinese nationals affiliated with a Wuhan company, Zhao Guangzong and Ni Gaobin, for engaging in cyber operations targeting critical US infrastructure sectors. These threats were attributed to the cyber hacking group APT 31, known as “Advanced Persistent Threat” and comprising state-sponsored contract hackers and operatives.
The department stated, “APT 31 targets a wide range of US government officials and their advisors crucial to US national security.”
Zhao, Ni, and five other hackers have been charged by the US Department of Justice with computer intrusion and conspiracy to commit wire fraud for their involvement in a 14-year cyber operation targeting US and foreign critics, businesses, and political officials.
Assistant Secretary Matthew G. Olsen highlighted the necessity to remain vigilant against cybersecurity threats and cyber-enabled foreign influence activities, especially as the 2024 election cycle approaches.
The hacking campaign entailed sending over 10,000 malicious emails containing hidden tracking links allowing APT 31 access to information about the target, including location and IP address. Emails were focused on government officials worldwide critical of China’s policy.
UK authorities also impose sanctions
British officials indicated that those sanctioned by the state had raised concerns about threats from China and a hack that potentially accessed data on tens of millions of British voters held by the Electoral Commission. They mentioned being responsible for a cyber espionage operation targeting members of Congress.
The Ministry of Foreign Affairs clarified that the hacking of the electoral register did not impact the electoral process, rights of individuals, or electoral registration access.
British cybersecurity officials accused hackers linked to the Chinese government of conducting reconnaissance on British MPs critical of the Chinese government in 2021, with no successful infections reported among the MPs.
Additionally, three MPs, including former Conservative Party leader Iain Duncan Smith, disclosed being subjected to harassment, impersonation, and attempted hacking from China. They are part of the Inter-Parliamentary Union on China, focused on countering Beijing’s influence.
Source: www.theguardian.com
