Global concerns rise over alleged cyber hacking activities linked to China

• China faces global backlash over hacking allegations.
• The U.S., UK, New Zealand, and Australia have taken a stand, emphasizing the need for cybersecurity and the protection of democratic values.

China finds itself at the heart of global scrutiny once more. Following its recent shift in tech policy, including the move to phase out AMD and Intel microprocessors in governmental applications, serious allegations have emerged from the U.S. and the UK. Authorities in these countries have leveled charges, imposed sanctions, and accused Beijing of orchestrating a vast cyberespionage campaign, reportedly affecting millions, including lawmakers, academics, journalists, and companies, notably in the defense sector.

Termed Advanced Persistent Threat 31, or “APT31,” this hacking ensemble is characterized by officials as a branch of China’s Ministry of State Security. A broad spectrum of individuals and entities has been identified as targets, encompassing White House personnel, U.S. senators, British legislators, and international officials critical of Beijing, as reported by Reuters.

Although specific victims have not been fully disclosed, it’s clear that over the past decade, these hackers have penetrated defense contractors, dissidents, and various sectors in the U.S., such as steel, energy, and apparel. They’ve also targeted leaders in 5G and wireless technology, extending even to the spouses of prominent U.S. officials and lawmakers.

Deputy U.S. Attorney General Lisa Monaco stated that the operation aimed to stifle criticism of the Chinese regime, compromise government institutions, and steal trade secrets.

A recent indictment of seven alleged Chinese hackers has brought to light the magnitude of their operations, detailing breaches involving work accounts, personal emails, and more, impacting millions in the U.S. British officials have also highlighted APT31’s hacking of key UK lawmakers and have connected another group of Chinese spies to a significant breach of Britain’s electoral commission.

International reactions and repercussions on the “China hacking”

In response, Chinese officials in the UK and U.S. have dismissed these allegations as unfounded and slanderous.

Amidst these disclosures, the UK and U.S. have sanctioned individuals and entities believed to be linked to China’s state security apparatus and involved in these cyber operations.

This situation intensifies the already heightened tensions between Beijing and Washington over cybersecurity, with each side increasingly accusing the other of espionage. China has retorted with allegations of U.S. cyber intrusions into major Chinese corporations, such as Huawei Technologies.

One notable incident highlighted by U.S. prosecutors involved targeting staffers from a U.S. presidential campaign in 2020, corroborating Google’s reports of malicious emails sent to President Joe Biden’s campaign team, though no breach was confirmed.

The hacking of a significant American public opinion research firm in 2018, during the U.S. midterm elections, underscores the hackers’ strategic interest in political entities for their invaluable intelligence and data.

John Hultquist, chief analyst for U.S. cybersecurity intelligence firm Mandiant, has pointed out the substantial value political organizations offer to espionage efforts, underlining the critical insights and extensive data they provide to actors like APT31 in search of geopolitical intelligence.

The global stage of cyber warfare

The narrative has broadened beyond the initial U.S. and UK accusations against China regarding cyberespionage. The New Zealand government has also come forward, expressing its concerns to the Chinese government about a state-backed cyberattack on New Zealand’s parliament in 2021, discovered by the country’s intelligence services. This incident contributes to the intricate landscape of international cyber tensions.

This exposure of unauthorized access to New Zealand’s parliamentary systems through malicious cyber activities aligns with the allegations of cyberespionage by Britain and the U.S. against China. New Zealand and Australia have both denounced these extensive cyber operations.

New Zealand’s Foreign Minister, Winston Peters, has criticized such foreign interference as unacceptable. He highlighted that New Zealand has conveyed its concerns about cyber activities attributed to Chinese government-sponsored groups targeting democratic institutions in New Zealand and the UK to the Chinese ambassador.

The Chinese Embassy in New Zealand has not yet commented on these accusations.

We reject outright the groundless and irresponsible accusations against China on cyber attacks or intrusions, and have lodged serious démarches to New Zealand’s relevant authorities, expressing strong dissatisfaction and resolute opposition.

Cybersecurity is a global challenge.…

— Wang Xiaolong (@AmbChina2NZ) March 26, 2024

The New Zealand Communications Security Bureau (GCSB), in charge of cybersecurity and signals intelligence, has linked a state-sponsored Chinese entity, known as Advanced Persistent Threat 40 (APT40), to the malicious cyber activities against New Zealand’s parliamentary services and parliamentary counsel office in 2021. The GCSB associates APT40 with the Ministry of State Security, noting that while no sensitive or strategic information was compromised, the attackers extracted technical data, potentially enabling further intrusive activities.

According to the GCSB, a notable portion of the malicious cyber events targeting nationally significant organizations last year were traced back to state-sponsored actors, not exclusively China. The bureau also criticized similar cyber activities linked to Russia.

Judith Collins, the minister responsible for the GCSB, stated that cyberespionage efforts targeting democratic institutions are universally condemnable.

Towards a unified stance against cyber intrusions

This development follows charges, sanctions, and accusations by American and British officials against Beijing, accusing it of conducting a widespread cyberespionage campaign that allegedly affected millions globally, including lawmakers, academics, journalists, and businesses, such as defense contractors. The group behind these activities, identified as Advanced Persistent Threat 31 or “APT31,” is said to be an extension of China’s Ministry of State Security, with a broad list of global targets reported by officials from the two countries.

A joint statement from Australia’s Foreign Minister Penny Wong and Home Affairs Minister Clare O’Neil criticized the continuous cyber targeting of democratic institutions, emphasizing the adverse impact on democratic and open societies like Australia. They stated that such behavior is unacceptable and must cease.

In 2019, Australian intelligence attributed a cyberattack on its national parliament and the country’s three largest political parties before the general election to China, though the Australian government has not officially confirmed the perpetrator.

Well, it looks like the cyber saga is thickening, with China in the hot seat for allegedly orchestrating a vast network of cyberespionage that spans continents. The U.S., UK, New Zealand, and Australia are ramping up their cybersecurity defenses and calling out China’s actions on the global stage. It’s a classic case of “your move, China,” as the international community tightens its ranks against these cyber intrusions.

But what does the future hold? Well, if history has taught us anything, it’s that with every action comes a reaction. China might double down on its cybersecurity measures and retaliate, or perhaps, just perhaps, this international spotlight could usher in a new era of cyber diplomacy. In a world where technology continues to blur the lines between the possible and the impossible, who’s to say what the future might hold? One thing’s for sure: the global dialogue on cybersecurity is heating up.

---

---

---