UK says Chinese hackers targeted electoral watchdog

The United Kingdom has accused Chinese hackers of trying to break into email accounts of UK parliamentarians who are critical of China and says a separate Chinese entity is behind a hack of its electoral watchdog that compromised millions of people's data.

In response to the attempted hack in 2021 of emails belonging to UK politicians who are critical of China, the UK imposed sanctions on two people and one company linked to state-backed Chinese hacking group APT31.

The UK also said an unidentified Chinese state-affiliated hacking group was behind a separate 2021-2022 cyber-attack on the UK's Electoral Commission.

That hack was disclosed last year but the UK had not previously said who was responsible.

Deputy Prime Minister Oliver Dowden told parliament the attacks "demonstrate a clear and persistent pattern of behaviour that signals hostile intent from China," adding the foreign office had summoned the Chinese ambassador to explain.

The Chinese embassy in London said the claims were "completely fabricated" and "malicious slanders".

The UK government is attempting to strike a delicate balance between trying to neutralise security threats posed by China while maintaining or even enhancing engagement in some areas such as trade, investment and climate change.

But there has been growing anxiety about the Chinese government's alleged espionage activity in the UK, particularly ahead of a general election expected later this year.

Last month, security officials told Reuters that the US government had launched an operation to fight a pervasive Chinese hacking operation that compromised thousands of internet-connected devices.

Days later, Dutch intelligence agencies said Chinese cyberspies had gained access to a military network in the Netherlands in what they said was a trend of Chinese political espionage.

APT31, the Chinese hacking group the UK claims was behind the targeting of MPs' emails, has a history of spying on politicians and their staff.

In 2020, security researchers at Google and Microsoft warned that the group had targeted the personal emails of campaign staff working for US President Joe Biden.

According to US cybersecurity firm Secureworks, APT31 has also targeted legal, consulting, and software development firms.

The UK has spent the last year trying to improve ties with China after the relationship sunk to its lowest point in decades under former prime minister Boris Johnson, when the UK restricted some Chinese investment over national security worries and expressed concern over a crackdown on freedoms in Hong Kong.

Dan Lomas, an intelligence and security analyst at the University of Nottingham, said the UK's decision to call China out publicly showed the government was willing to challenge officials in Beijing.

It is "unlikely that sanctions and harsh words will significantly alter trade between the UK and China," he said.

"But we are going to see a war of words."