The words ‘tip of the iceberg’ come to mind as the UK government announces that it plans to impose sanctions on two individuals and an entity accused of targeting British MPs in a cyber attack in 2021. It popped into my head. But that would be underestimating the iceberg.
Home Secretary James Cleverley said the sanctions showed that “targeting elected officials and electoral processes will never be challenged”.
But some experts saw Washington’s decision to prosecute seven people linked to a hacking organization known as APT31 as a sign that Britain was in trouble. and blame It engaged in a “massive global hacking operation” that sent more than 10,000 malicious emails to politicians, officials, journalists, and critics of China on multiple continents.
Alan Woodward, a cybersecurity professor at the University of Surrey, said the sanctions “are not going to blindly bring about change” in the UK’s cybersecurity, saying they are “the equivalent of sending a stern letter”. The British government “has to say something because the Americans are saying something, but we still don’t want to anger China.”
On the same day, the government revealed a historic hacking attempt, accusing “Chinese state-affiliated entities” of compromising the Election Commission’s system from 2021 to 2022. The Chinese embassy in London said Britain’s statement was “totally baseless and constitutes a malicious defamation.” But Britain did not accuse sanctioned entities of involvement in the violation. Jamie McCall, a cybersecurity researcher at the Royal Service Institute think tank, said the government was “conflating two separate issues and creating huge confusion for the public”.
One reason why the UK’s response is seen by some as weak and confusing is that the Chinese hacking attempt is not an isolated incident. Rather, they constitute an ecosystem in which all Western governments must navigate their relationships with Beijing. Google said in a report released on March 27 that China “continues to lead the way in government-sponsored exploitation.” APT31 alone has been implicated in hacking. France, Finland And regarding Microsoft, New Zealand said: this week It was also reported that APT40, another well-known Chinese hacking organization, attacked Parliament in 2021 (the Chinese embassy in New Zealand denied this allegation).
A recent data breach from Chinese cybersecurity company iSoon reveals how much Chinese hackers for hire are competing for government contracts, sometimes selling data from foreign agencies to the highest bidder. We collect based on expectations and specs. In the case of APT31, the US Department of Justice alleges that the hacking operation was directly operated by a local division of China’s Ministry of State Security.
However, in general, Chinese cybersecurity experts and Natto thoughts According to the newsletter, almost every cybersecurity company in China will have some type of contract with a government customer. The cybersecurity industry is worth an estimated $13bn (£10.3bn), so the number of potential hackers is huge.
As a result, Western governments have struggled to coordinate effective responses to hacks and hacking attempts. In many cases, the Chinese government plausibly denies responsibility, and it is not always clear what the impact of data breaches is. Audrey Wong, an assistant professor at the University of Southern California, said that while Russian hacking often “creates discord and confusion,” China is “more cautious” and “still plays a very important role in shaping perceptions of China and the Chinese Communist Party.” I’m interested,” he said. ”. Many Western international security experts refer to the adage that Russia may be a storm, but China is a climate change.
Danowski says it’s the first time since the United States. was indicted Despite a mass intrusion by hackers linked to a company known as Chengdu 404 in 2020, the company’s business operations in China continue as usual, and the “honor and shame” tactics adopted this week by the US and UK suggests that it may be symbolic at best.
Although China has said it has “no interest or need to interfere in the UK’s internal affairs,” some cybersecurity experts point out that collecting information about foreign countries is fodder for intelligence activities, or espionage, by other countries. There is.
recent Reuters report While president, Donald Trump authorized a covert CIA operation on Chinese social media designed to turn Chinese public opinion against China, and that operation may still be active. If China’s cyberattacks lead to harassment of dissidents, “then I can see why sanctions would be justified,” McCall said. “But from my perspective, the activities that are named are primarily political espionage.”
