US and UK Accuse China of Cyberespionage Targeting Millions of People

I

n a joint move on March 25, U.S. and British officials levied charges, imposed sanctions, and accused Beijing of orchestrating a widespread cyberespionage campaign that targeted millions worldwide, including lawmakers, academics, journalists, and defense contractors.

The hacking group, dubbed Advanced Persistent Threat 31 (APT31), allegedly operated under the guise of China’s Ministry of State Security. Officials pointed fingers at a broad array of targets, encompassing White House staffers, US senators, British parliamentarians, and government officials critical of Beijing.

While specific victims were not named, US officials revealed that the hackers had infiltrated defense contractors, dissidents, and a range of American companies, including those in steel, energy, and apparel sectors. Notably, providers of 5G mobile telephone equipment and wireless technology were also targeted, along with the spouses of senior US officials and lawmakers.

Silence critics of the Chinese government

Deputy U.S. Attorney General Lisa Monaco asserted that the primary objectives of the cyber campaign were to silence critics of the Chinese government, compromise governmental institutions, and pilfer trade secrets. The indictment unsealed against seven alleged Chinese hackers outlined how their decade-long spree compromised millions of Americans’ work accounts, personal emails, online storage, and telephone records.

Meanwhile, authorities in London accused APT31 of targeting British lawmakers critical of China, alongside another Chinese spy group allegedly involved in hacking Britain’s electoral watchdog, compromising data of millions in the UK.

Chinese diplomats in Britain and the U.S. swiftly dismissed the accusations as baseless. The Chinese Embassy in London labeled the charges as “completely fabricated and malicious slanders.” Contact information for the seven charged hackers was not immediately available.

Simultaneously, both the U.S. and the UK imposed sanctions on Wuhan Xiaoruizhi Science and Technology, identified as a Ministry of State Security front company associated with the cyber activities. The US Treasury Department also targeted two Chinese nationals with sanctions in connection to the firm.

Attempt to undermine American cybersecurity

FBI Director Christopher Wray condemned China’s cyber activities, characterizing them as brazen attempts to undermine American cybersecurity and innovation. The escalation in accusations reflects growing tensions between Beijing and Washington over cyberespionage, with Western intelligence agencies increasingly vocal about Chinese state-backed hacking.

In response to the allegations, China has begun to highlight alleged Western hacking operations. Last year, the Chinese Ministry of State Security claimed that the US National Security Agency repeatedly breached Chinese telecommunications giant Huawei Technologies.

U.S. prosecutors outlined numerous unnamed global victims in their indictment, with specific incidents standing out. In 2020, Chinese hackers targeted staffers of a US presidential campaign, mirroring Google’s report of malicious emails sent to President Joe Biden’s campaign, although no compromise was detected.

Another notable incident involved the hacking of an American firm specializing in public opinion research in 2018, coinciding with the US midterm elections. John Hultquist, chief analyst for Mandiant, emphasized the strategic value of political organizations as intelligence sources for groups like APT31, citing their access to geopolitical insights and vast data troves.

As accusations and counter-accusations fly between major powers, the specter of cyberespionage looms large, underscoring the urgent need for robust cybersecurity measures and international cooperation to address the evolving threat landscape.

Source: Reuters