China’s Cyber Attacks on US and UK: What We Know About the Espionage Campaign

US, UK and New Zealand accuse China of targeting sensitive information with cyber hacking attacks

The United States and the United Kingdom have imposed sanctions on individuals and groups accused of participating in a large-scale cyber espionage campaign. The operation, allegedly orchestrated by China’s Ministry of State Security, targeted politicians, journalists, and critics of Beijing. The scope of the cyber attacks was revealed this week, with New Zealand also attributing a separate hacking incident to Chinese-backed cyber actors.

Who is Behind the Cyber Attacks?

The cyber attacks have been attributed to a hacking group known as Advanced Persistent Threat 31 (APT 31), also referred to as Zirconium, Violet Typhoon, Judgment Panda, and Altaire. This group operates under the Ministry of State Security in Wuhan, China. APT 31 is notorious for high-profile attacks, including a 2020 campaign that targeted campaign staff working for Joe Biden, as well as the 2021 hack of Microsoft Exchange servers, which compromised tens of thousands of computers globally.

Additionally, another Chinese-linked hacking group, APT 40, has been blamed for a 2021 attack on New Zealand's parliamentary network, aimed at compromising sensitive government data.

Targets of the Attacks

The targets of this extensive campaign ranged from political dissidents and critics of China to government officials, journalists, and business leaders. The UK government reported two major campaigns in which Beijing allegedly gained access to personal data from 40 million voters between late 2021 and October 2022, although there was no evidence that the electoral process was affected. A more focused attack targeted UK parliamentarians critical of China, though no accounts were compromised.

In the US, the Justice Department described a 14-year-long global operation targeting political dissidents, US government officials, and political candidates. Thousands of individuals and organizations were affected, with some email accounts, cloud storage, and telephone records being compromised. The campaign also focused heavily on activists and journalists involved in the 2019 pro-democracy protests in Hong Kong.

New Zealand also confirmed that some non-sensitive data was stolen during the attack on its parliamentary services.

How Did the Attacks Unfold?

Both the US and UK have reported that APT 31 primarily used phishing techniques to infiltrate systems. The group sent over 10,000 deceptive emails, often disguised as communications from news outlets or political figures. These emails contained links that, when clicked, revealed the recipient’s location, device details, and IP address, allowing APT 31 to gain access to sensitive devices such as home routers.

Goals of the Campaign

The primary objective of APT 31’s cyber espionage operation, according to US authorities, was to repress critics of the Chinese government, infiltrate governmental institutions, and steal trade secrets. The group targeted a wide range of industries, including defense, telecommunications, and manufacturing, successfully compromising intellectual property and economic plans.

In addition to government targets, the spouses of senior US officials and political candidates were also on the hackers' radar, although there was no indication that the attacks were intended to interfere with the 2020 US presidential election.

What’s Next?

Tensions between Beijing and Washington have been escalating over allegations of state-sponsored cyber espionage. Critics in the UK have argued that the government was slow to respond to the attacks, with some MPs calling for a tougher stance on China. Luke de Pulford, executive director of the Inter-Parliamentary Alliance on China (IPAC), expressed frustration with the UK’s delayed acknowledgment of China’s role in the cyber campaign.

Chinese officials have denied the allegations, with a spokesperson from the Chinese embassy in the UK stating that China “firmly opposes and combats all forms of cyber attacks” and does not support or condone such activities.

 
