US, UK, New Zealand accuse China of cyberattacks on politicians
(L-R) Conservative MP Tim Loughton, former Conservative leader, Iain Duncan Smith and SNP’s former defense spokesman Stewart McDonald from the Inter-Parliamentary Alliance on China, hold a press conference in central London, U.K., March 25, 2024. (AFP photo)


The U.S., U.K., and New Zealand have accused China-backed cyber groups of attacking lawmakers and democratic institutions, sparking Chinese denials.

In rare and detailed public accusations against China – Washington, London and Wellington described a series of cyber breaches over the last decade or more, in what appeared to be a concerted effort to hold Beijing accountable.

The U.S. Justice Department charged seven Chinese nationals over what it said was a 14-year "prolific global hacking operation" designed to aid China's "economic espionage and foreign intelligence objectives."

Deputy Attorney General Lisa Monaco said Monday the campaign involved more than 10,000 emails being sent, targeting U.S. and foreign-based businesses, politicians, candidates for elected office and journalists.

Washington said a unit, dubbed APT31, was behind the attacks, describing it as a "cyberespionage program" run by China's powerful Ministry of State Security out of the central city of Wuhan.

The hackers gained access to "email accounts, cloud storage accounts, and telephone call records" the Justice Department said, monitoring some accounts for "years."

Hours later, London said that from 2021-2022 the same APT31 group had targeted U.K. lawmakers' accounts, including many who were critical of Beijing's policies.

With Britain expected to hold a general election within months, U.K. Deputy Prime Minister Oliver Dowden also made a shock announcement that "a Chinese state-affiliated entity" had likely "compromised" the country's Electoral Commission.

He said that both campaigns against lawmakers and the Electoral Office, while a "real and serious threat," were ultimately thwarted.

"It will not impact how people register, vote or otherwise participate in democratic processes," Dowden said.

Two individuals and one company linked to APT31 have been hit with U.K. sanctions.

In a parallel announcement, New Zealand on Tuesday said its Parliamentary Counsel Office, which drafts and publishes laws, had been compromised around the same period.

New Zealand, normally one of China's strongest backers in the West, blamed the Chinese "state-sponsored group" APT40 for the attack.

Recently elected center-right Prime Minister Christopher Luxon admitted it was a "big step" to blame the cyberattack on China, his country's biggest trade partner.

New Zealand Foreign Minister Winston Peters said he had instructed diplomats to "speak today to the Chinese Ambassador, to lay out our position and express our concerns."

"That conversation has now taken place," he said.

'Malicious slander'

In recent years, Western nations have been increasingly willing to expose malicious cyber operations, and to point fingers at foreign governments – most notably China, Russia, North Korea and Iran.

But China reacted angrily to the accusations, with embassies and in London, Wellington and Washington issuing denunciations.

"The UK's hype-up of the so-called 'Chinese cyberattacks' without basis and the announcement of sanctions is outright political manipulation and malicious slander," the Chinese Embassy in London said.

China has "never encouraged, supported or condoned cyberattacks" the embassy claimed.

It was a similar message from Wellington, where the Chinese Embassy accused its hosts of "completely barking up the wrong tree."

"As a matter of fact, China is a major victim of cyberattacks," the embassy said.

Both Russia and China have been accused of using cutouts and off-site groups to carry out cyberattacks, making attribution more difficult.

Conservative MP Iain Duncan Smith, one of the targeted U.K. lawmakers, said Beijing should be labeled a threat to the country.

He was one of several U.K. MPs sanctioned by China in 2021 because of criticisms of human rights abuses against China's Uyghur minority and in Hong Kong.

Britain and the United States operate their own vast cyber operations but rarely acknowledge them publicly.

The two nations, along with New Zealand, Australia and Canada are part of the FiveEyes intelligence sharing network.