The UK government has announced sanctions for China state-affiliated actors after malicious cyber activity, which suggests APT31 was almost certainly responsible for targetting UK parliamentarians’ emails in 2021.
The National Cyber Security Centre, a part of GCHQ, assesses that the China state-affiliated cyber actor APT31 has a high likelihood of being behind the online ‘reconnaissance’ activity in 2021 against email accounts of UK parliamentarians, most of whom have been prominent in calling out malign activity of China.
The Foreign Office confirmed it will be summoning the Chinese ambassador “to account for China’s conduct in these incidents”, and that international partners such as the US, would also be issuing sanctions.
Wuhan Xiaoruizhi Science and Technology company is thought to be the front company, along with two individuals, Zhao Guangzong and Ni Gaobin, who have been linked to the APT31 hacking group and have since been sanctioned over the cyber-attacks.
According to reports, one of the main concerns is that Chinese spies could use the stolen data from the hack of the elections to target dissidents of Xi Jinping’s government based in the UK.
Not only this, but with the threat actors in possession of data from the Electoral Register during this period, sources suggests that Chinese intelligence could use it for large-scale espionage and transnational repression of perceived dissidents and critics in the UK.
Paul Chichester, Director of Operations at the National Cyber Security Centre, said: “The malicious activities we have exposed today (25 March 2024) are indicative of a wider pattern of unacceptable behaviour we are seeing from China state-affiliated actors against the UK and around the world.
“The targeting of our democratic system is unacceptable and the NCSC will continue to call out cyber actors who pose a threat to the institutions and values that underpin our society.
“It is vital that organisations and individuals involved in our democratic processes defend themselves in cyberspace and I urge them to follow and implement the NCSC’s advice to stay safe online.”
To help bolster the UK’s cyber resilience, the NCSC has published updated guidance in its Defending Democracy collection for political organisations – such as parties and thinktanks – and organisations coordinating the delivery of elections, with advice on how to reduce the likelihood of cyber attacks.