UK Sanctions China Individuals Over Hacks to Vote Watchdog, MPs

(Bloomberg) -- The UK sanctioned two people and one company linked to Chinese state-affiliated cyber organizations that it said was responsible for malicious cyber campaigns targeting democratic institutions and British lawmakers.

Most Read from Bloomberg

Deputy Prime Minister Oliver Dowden on Monday accused China of accessing the details of some 40 million voters held by the Electoral Commission. The UK has previously only ascribed the hack, which began in 2021 and wasn’t detected for 14 months, to “hostile actors.” The minister also told the House of Commons that China has targeted British politicians with its cyber attacks.

“These actions demonstrate a clear and persistent pattern of behavior that signals hostile intent form China,” Dowden told Parliament. “Their cumulative attempts to interfere with the United Kingdom’s democracy have not succeeded.”

The statement marks a further escalation in tensions that have been growing with China after Hong Kong passed security legislation that the UK says erodes freedoms in the city, contravening the handover deal signed between the two nations when governance of the territory was transferred to Beijing in 1997. Amid concern about the security of critical infrastructure, Britain in recent years has also retreated from its previous stance of welcoming Chinese investment in its nuclear industry and using its technology in mobile networks.

Earlier Monday, China hit back when asked about a report on cyber attacks involving political figures.

“We hope relevant parties can stop spreading disinformation, take a responsible attitude, and jointly safeguard security and peace in cyberspace,” Foreign Ministry spokesman Lin Jian said at a regular briefing in Beijing.

As well as blaming the Electoral Commission hack on a Chinese state-linked entity, the UK National Cyber Security Centre assesses that it is “almost certain” the China state-affiliated APT31 group conducted reconnaissance activity against British parliamentarians during a separate campaign in 2021 — though no parliamentary accounts were successfully compromised.

The hacks are “indicative of a wider pattern of unacceptable behavior we are seeing from China state-affiliated actors against the UK and around the world,” said NCSC Director of Operations Paul Chichester.

The British government says APT31 focuses on obtaining information that can provide the Chinese government and state-owned enterprises with political, economic, and military advantages.

Dowden said the UK has sanctioned two individuals and one entity involved in the hack, adding that Britain has summoned the Chinese ambassador to account for China’s actions. In a separate statement, Foreign Secretary David Cameron said he’s raised the matter directly with Chinese Foreign Minister Wang Yi. The government didn’t name those sanctioned in its statement on the measures.

The measures are unlikely to satisfy lawmakers who have called for the government to take a stronger stance against China, including former Conservative Party Leader Iain Duncan Smith and fellow Tory Tim Loughton, who say they were among those targeted by Chinese hacking, and are members of the the Inter-Parliamentary Alliance on China, which links legislators from around the world.

Duncan Smith and Loughton on Monday called on ministers to immediately label China as a “threat” rather than a challenge and put it in the “enhanced” tier of the UK’s foreign influence registration program. They also said Britain should sanction Chinese officials and increase support for British Members of Parliament. “We won’t be bullied into silence by Beijing,” said Duncan Smith.

Earlier Prime Minister Rishi Sunak said his government is taking measures to protect itself from the “epoch-defining challenge” posed by an “increasingly assertive” China.

“China is behaving in an increasingly assertive way abroad, authoritarian at home and it represents an epoch-defining challenge, and also the greatest state-based threat to our economic security,” Sunak told reporters.

But Luke de Pulford, the executive director of IPAC, said he’s surprised British ministers had taken so long to respond to a cyber-attack that took place in 2021. That “indicates that the government was a little bit reluctant to say that China had actually done this.” he told BBC Radio. He pointed also to foot-dragging over sanctions in retaliation to China’s actions in Hong Kong, saying that while the US has punished more than 40 members of the territory’s government, Britain has sanctioned “zero.”

The latest developments come following persistent warnings from Western governments about the hacking threat posed by China. In January, the FBI said that it had dismantled infrastructure used by a Chinese state-backed hacking group named Volt Typhoon, which the bureau said had been targeting the US power grid and pipelines.

In October 2023, security officials from the UK, US, Australia, New Zealand and Canada – known together as the Five Eyes – jointly raised alarm about Chinese hacking and espionage in media interviews and public appearances.

China has previously been blamed for a series of significant breaches in which hackers stole large databases of information. In 2015, security researchers suspected China was behind a hack on the US Office of Personnel Management, which resulted in the theft of more than 22 million security clearance records.

FBI Director Christopher Wray has accused the Chinese state of operating “the biggest hacking program in the world by far,” saying in an October 2023 interview with 60 Minutes that China has “stolen more of our personal and corporate data than every nation, big or small, combined.”

--With assistance from Isabella Ward and James Mayger.

Most Read from Bloomberg Businessweek

©2024 Bloomberg L.P.