The sanctions identify companies and individuals accused of collaborating with the Chinese government and launching cyberattacks.
The United States and the United Kingdom have announced sanctions against a Chinese company and two individuals following an alleged cyber-espionage campaign that targeted millions of people, including lawmakers, constituents, and prominent critics of the Chinese government.
In Monday's sanctions announcement, the United States and Britain said they had traced “malicious cyber activity” to intelligence operations within the Chinese government.
A statement from the U.S. Treasury Department identified the sanctioned entity as Wuhan Xiaoruizhi Technology Co., Ltd. The announcement described the organization as a front company for China's Ministry of State Security and acting as a “front for multiple malicious cyber operations.”
The US Treasury also named two Chinese nationals under sanctions, Zhao Guangzong and Ni Gaobin. Both have ties to Wuhan companies. They are accused of using cyber attacks to undermine critical infrastructure sectors such as defense, aerospace and energy.
Also on Monday, the U.S. Department of Justice indicted Chao, Nee and five other hackers on charges of conspiracy to commit computer intrusion and wire fraud. The agency said they were part of a 14-year cyber operation that “targeted U.S. and foreign critics, businesses, and political officials.”
U.S. Deputy Attorney General Lisa Monaco said in a statement that the goal of the global hacking operation was to “oppress critics of the Chinese regime, compromise government institutions, and steal trade secrets.”
British authorities have not released the names of the companies or the two individuals sanctioned. However, the two sanctioned individuals were said to have been involved in the operations of the Chinese cyber group APT31 (abbreviation for Advanced Persistent Threat). This group is also known as zirconium or hurricane pandas.
APT31 has previously been accused of targeting the information systems of the U.S. presidential campaign and the Finnish parliament.
Officials also said Chinese state-linked hackers “conducted reconnaissance operations” against critics of the British Parliament in 2021, but none of the targeted accounts were successfully compromised.
Three British MPs said they were among the targets. They were members of the Inter-Parliamentary Union on China. This international organization focuses on curbing the Chinese government's influence abroad and addressing human rights issues.
Targets include former Conservative Party leader Iain Duncan Smith. He told reporters at a press conference on Monday that he and his colleagues “have been subject to harassment, impersonation and hacking attempts from China for some time.”
Meanwhile, the UK Electoral Commission announced in August that it had confirmed a system breach in October 2022, but that “hostile actors” had been able to access servers since 2021.
The election watchdog said the data accessed included the names and addresses of registered voters. However, he added that much of the information is already in the public domain.
The UK Foreign Office said on Monday that the hack had “no impact on the electoral process, no impact on any individual's rights or access to the democratic process, and no impact on electoral registration.” said.
British Deputy Prime Minister Oliver Dowden also announced that the government would summon the Chinese ambassador in light of the allegations.
China's Foreign Ministry warned that the government should make its own claims based on evidence, rather than “slandering” other countries without basing them on facts.
Ministry spokesperson Lin Jian said, “Cybersecurity issues should not be politicized.”
He added: “We hope that all parties will stop spreading false information, behave responsibly, and work together to maintain peace and security in cyberspace.”
