Cyberwarfare / Nation-State Attacks , Fraud Management & Cybercrime

UK Discloses Chinese Espionage Activities

Deputy Prime Minister Says Violet Typhoon Is Behind Attacks on UK Politicians
UK Discloses Chinese Espionage Activities
U.K. Deputy Prime Minister Oliver Dowden addressing the members of the House of Commons on March 25, 2024

Chinese state hackers targeted multiple British politicians, the U.K. government said Monday in a coordinated disclosure of Chinese state hacking activities designed to ramp up international pressure on Beijing.

See Also: Webinar | Everything You Can Do to Fight Social Engineering and Phishing

In conjunction with the U.S. Department of the Treasury, the Foreign, Commonwealth and Development Office sanctioned two individuals accused of hacking for Chinese state threat actor APT31.

The British National Cyber Security Center today said APT31 "was almost certainly responsible" for targeting parliamentarians' emails in 2021.

The sanctions also cover Wuhan Xiaoruizhi Science & Technology, a company U.S. prosecutors say is a front for the Chinese Ministry of State Security (see: US Indicts Accused APT31 Chinese Hackers for Hire).

The British government summoned the Chinese ambassador to the Foreign Office.

"It is completely unacceptable that China state-affiliated organizations and individuals have targeted our democratic institutions and political processes," said Foreign Secretary David Cameron.

Addressing the members of the British Parliament on Monday, U.K. Deputy Prime Minister Oliver Dowden said members of the Inter-Parliamentary Alliance on China - an international pressure group of lawmakers dedicated to countering Beijing - has been the target of a hacking campaign that he attributed to APT31. The group is also known as Violet Typhoon and Judgment Panda.

Dowden also disclosed more details on the U.K. Electoral Commission hack in 2021 that the government disclosed last year. The attack, tied to a different Chinese group, took place between 2021 and late 2022 and resulted in hackers copying voter register files (see: UK Electoral Commission Suffered 'Complex' Hack in 2021).

In an update on Monday, Dowden said the Electoral Commission has since strengthened its security and that the incident will not affect how people register or vote in the upcoming elections. The commission has said the hacks did not affect electoral processes.

"This is the latest in a clear pattern of hostile activity originating in China, including the targeting of democratic institutions and parliamentarians in the United Kingdom and beyond," Dowden said. Chinese intelligence services could use exfiltrated information for a range of purposes, including large-scale espionage or transnational repression of dissidents and critics in the United Kingdom.

Speaking at a press conference on Monday, British Conservative Member of Parliament Iain Duncan Smith, who was among the targets of the Chinese hack, said U.K. parliamentarians have been the target of "harassment, impersonation and attempted hacking from China."

The hackers also compromised emails of two other members of the Inter-Parliamentary Alliance on China.

An IPAC spokesperson said the Parliamentary Security Department intervened to prevent the hackers from accessing the contents of targeted email inboxes but also said more group members may have been targeted in the hack.

With the U.K. set to enter elections this year, Alan Woodward, a visiting professor of computer science at England's University of Surrey, said Chinese groups could use the exfiltrated voter information to run targeted disinformation campaigns.

"You've got 40 million registered users, and you're getting their name and address, which can combine it with other information to start to identify voters, specifically swing voters, as they're the ones that always decide elections. So you might then be able to tie it in with disinformation and misinformation, via adverts on Facebook for influencing people," Woodward said.

About the Author

Akshaya Asokan

Akshaya Asokan

Senior Correspondent, ISMG

Asokan is a U.K.-based senior correspondent for Information Security Media Group's global news desk. She previously worked with IDG and other publications, reporting on developments in technology, minority rights and education.

Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing, you agree to our use of cookies.