Key Takeaways
The UK government has accused a Chinese state-affiliated organization of hacking systems operated by the Electoral Commission and targeting Members of Parliament.
Known as the Advanced Persistent Threat Group 31 (APT31), the shadowy organization stands accused of interfering with democratic institutions in the US and UK, where intelligence agencies have condemned China’s brazen espionage attempts.
On Monday, March 25, the same day the UK government called out APT31 for malicious cyber activity, the FBI charged 7 alleged members of the group with conspiracy to commit computer intrusions and conspiracy to commit wire fraud.
“These defendants were part of a Chinese government-sponsored hacking group, targeting US businesses and US political officials for intrusion for over a decade as part of a larger, malicious global campaign,” stated FBI Assistant Director Smith.
Meanwhile, in the UK, GCHQ’s National Cyber Security Centre (NCSC) spearheaded an investigation into APT31’s activities.
As a result of that investigation, 2 individuals and a company that allegedly acted as a front for the organization, have been sanctioned . According to the US Treasury Department, the front company Wuhan XRZ was set up in 2021 by the Hainan State Security Department, a provincial arm of China’s Ministry of State Security.
In response to APT31’s cyber activities. the Foreign, Commonwealth and Development Office has summoned the Chinese Ambassador to the UK. Foreign Secretary David Cameron said he has also raised the issue with his Chinese counterpart Wang Yi.
“It is completely unacceptable that China state-affiliated organizations and individuals have targeted our democratic institutions and political processes,” Cameron declared.
Meanwhile, Home Secretary James Cleverly highlighted that the “reprehensible” attempt to hack the Electoral Commission ultimately failed:
“China’s attempts at espionage did not give them the results they wanted […] Our upcoming elections, at local and national level, are robust and secure.”
Although cleverly insisted that the APT31 attacks wouldn’t affect the UK’s upcoming elections, GCHQ acknowledged that it is “highly likely” the group succeeded in accessing sensitive data from the Electoral Register.
“The data, in combination with other data sources, would highly likely be used by the Chinese intelligence services for a range of purposes,” the spy agency observed. Specifically, it said the stolen information could be used for large-scale espionage and transnational repression of Beijing’s critics.
While it didn’t name the MPs whose email accounts were surveilled by APT13, the agency noted that they “have been prominent in calling out the malign activity of China.”