TIn the latest revelations of cyberattacks that the US government and its allies have linked to the government of President Xi Jinping, the US and UK say state-sponsored Chinese hackers have been targeting politicians, businesses and dissidents for years, and are targeting British voters. He accused them of stealing a treasure trove of data.
U.S. officials said the seven Chinese nationals targeted members of Congress, White House staff, government agencies such as the Justice Department, candidates, campaign staff and U.S. companies. The hackers, part of a state-backed group known as APT31, are charged with conspiracy to commit computer intrusion and conspiracy to commit wire fraud.
Both the United States and the United Kingdom announced sanctions against two of them and a company in Wuhan, China, Wuhan Xiaoruizhi Technology Co., Ltd. The US claimed this was a front that “serves as a front for multiple malicious cyber operations.” And the hackers were working there as contractors.
Britain also accused China of accessing details of about 40 million voters held by the Electoral Commission, according to Deputy Prime Minister Oliver Dowden.
Monday's revelations add to a growing list of cybersecurity breaches that the United States and its allies say are backed by the Chinese government as part of a broader strategic and economic competition around the world.
New Zealand has also established links between state-backed groups linked to the Chinese government and malicious cyber activity targeting the country's parliamentary activities, New Zealand's Minister for Communications and Security, Judith Collins, said in Wellington on Tuesday. said. She said the 2021 Parliamentary Counsel Office and Parliamentary Services compromise was quickly resolved.
China disputes the claims, with a foreign ministry official in Beijing calling the British accusations “disinformation” and a Chinese embassy spokesperson in Washington saying in a statement that the US “jumped to unwarranted conclusions and made baseless accusations”. “I did it,” he said.
In January, the FBI announced it had dismantled infrastructure used by Bolt Typhoon, a Chinese state-backed group that targeted U.S. power grids and pipelines. Last October, security officials from the so-called Five Eyes (US, UK, Australia, New Zealand and Canada) sounded the alarm about Chinese hacking and espionage in media interviews and public appearances. In 2015, security researchers suspected that the Chinese government was involved in the theft of more than 22 million U.S. security clearance records.
British Prime Minister Rishi Sunak said on Monday that China's “increasingly aggressive” support for hacking was an “epoch-making challenge” and the “biggest state-based threat to our economic security”. Ta. Federal Bureau of Investigation Director Christopher Wray called them “an ongoing and reckless effort to undermine our nation's cybersecurity and target Americans and our nation's innovation.”
malicious email
Some of the hacking operations were successful in compromising the targets' networks, email accounts, cloud storage accounts and call records, and monitoring of compromised email accounts continued for years, U.S. authorities said.
U.S. authorities said the hacking campaign targeted more than 10,000 malicious emails that appeared to contain legitimate news articles, often from prominent news organizations and journalists. It is said that it was sent to. The emails contained hidden tracking links that sent information such as the recipient's location and the device used to access the email to servers controlled by the defendants and others they were working with. There was a possibility that
The Justice Department said the group used this information to carry out more sophisticated hacks, including compromising home routers and other electronic devices.
In more worrying allegations, the United States announced that hackers began targeting the email accounts of multiple campaign officials for an anonymous presidential candidate starting around May 2020. By November of the same year, the hackers were sending emails containing tracking links to targets associated with additional affiliated organizations. His political activities included former U.S. government national security officials, according to the indictment.
U.S. companies in the defense, information technology, telecommunications, manufacturing and trade, finance, consulting, legal and research industries were targeted by the group, with victims including U.S. 5G network equipment providers and an Alabama-based company. It also includes research companies.Aerospace and defense industry and Maryland-based professional support services company, according to the U.S.
In the UK, the National Cyber Security Center said it was “virtually certain” that APT31 conducted reconnaissance operations against British MPs during a separate campaign in 2021. However, the member's account was not successfully compromised.
Britain summoned China's ambassador in London, and Foreign Secretary David Cameron said in a separate statement that he had raised the issue directly with Chinese Foreign Minister Wang Yi.
For Britain, the incident marks an escalation of tensions that have been rising since Hong Kong passed a security bill that eroded Hong Kong's freedoms, and is a sign of the tension between the two countries when control of Hong Kong was transferred to Beijing in 2016. The UK claims that this is in breach of the restitution agreement signed in the United Kingdom. 1997.
