
UK and US sanction Chinese state-sponsored hackers said to have breached Britain's Electoral Commission and parliament e-mails

[updated]
The alleged Chinese state sponsored APT31 hackers

The governments of the United Kingdom and the United States have imposed fresh sanctions against a group of hackers referred to as Advanced Persistent Threat 31 (APT31), which they believe is sponsored by China's state security agency.

They are joined by New Zealand, which says another Chinese hacking group has attacked parliamentary entities in this country.

Judith Collins, the Minister responsible for the Government Communications Security Bureau (GCSB), issued a statement saying New Zealand stands with the UK in its condemnation of China's state-backed malicious cyber activity affecting the Electoral Commission and targeting MPs.

“The use of cyber-enabled espionage operations to interfere with democratic institutions and processes anywhere is unacceptable,” Collins said.

According to Collins, the GCSB has established links between a state-sponsored actor linked to the Chinese government, and malicious cyber activity targeting parliamentary entities in New Zealand.

That group is said to be the APT40 or "Kryptonite Panda" from Haikou on Hainan Island, which has been active since around 2009.

Unlike the UK and US, New Zealand isn't currently considering sanctions against APT40.

Zirconium, Violet Typhoon, Judgment Panda and Altaire

APT31 is also known as Zirconium, Violet Typhoon, Judgment Panda and Altaire, following the eclectic naming conventions of security researchers.

According to the National Cyber Security Centre (NCSC) in the UK, APT31 targeted the Electoral Commission, which was likely compromised between 2021 and 2022, breaching details of some 40 million people on the voting register.

NCSC also assessed that "it is almost certain" that APT31 conducted reconnaissance against UK parliamentarians during a separate campaign in 2021.

Foreign Secretary David Cameron called the activity "completely unacceptable" and has raised the hacking and spying with China's foreign minister, Wang Yi.

Meanwhile, the US said it has laid criminal charges against the APT31 hackers along with imposing sanctions, for targeting critical infrastructure in America, along with officials, politicians, economic and defence entities as well as foreign democracy activists, academics and government officials. 

The recently sanctioned individuals include:

  • Zhao Guangzong 赵光宗, who is said to be a member of APT31, operating on behalf of China's Ministry of State Security (MSS).
  • Ni Gaobing 倪高彬, also said to be a member of APT31, and working for MSS.

Along with Zhao and Ni, the Wuhan Xiaoruizi Science and Technology Company Ltd in Hubei province is accused of being associated with APT31 and part of China's "state-sponsored apparatus" through MSS.

The US is also offering rewards of up to US$10 million for information that leads to the identification or location of any person that engages in malicious cyber activities, while acting under the control or direction of foreign governments.

Other APT31 associates include:

  • Cheng Feng 程锋;
  • Peng Yaowen 彭耀文;
  • Sun Xiaohui 孙小辉;
  • Weng Ming 翁明;
  • Xiong Wang 熊旺.

They are said to have worked with Ni and Zhao to develop malware and to devise "malicious cyber processes", along with assisting in cyber intrusions against a long list of victims associated with US government and critical infrastructure.

Update: China's ambassador to New Zealand has published a response to Tuesday's APT31 hacking allegations.

 


18 Comments

As if the UK, Israel and the US aren't doing exactly the same thing, but we're the good guys - right? Must be a super burn to have the playbook applied in reverse. At least the Chinese don't have to keep up a veneer of "democratic freedom" nor conform to "western values", and will ultimately use this gullibility against us.

Up
5

What we see in the media has already been filtered and engineered.

Up
3

Sadly true. Little in the way of outright lies but very heavy self-censorship of matters unpalatable to the establishment.

Up
4

Yes we are the good guys. Feel free to go join the 'others' in China, North Korea, Iran etc.

The naivety of some amongst us is what is exploited.

Up
8

I'd prefer to join the "civilised" guys who don't have double standards.

Did Bolton tell Trump to go and sit on the rug and play with his blocks?

Up
0

Sooner or later the line will be crossed. Bad news if they actively decide to become a pariah state.

Up
1

There is truth in your words, except no one will want to stay in the crowd if they are not treated fairly. That's why they are building their own group.

Up
0

How hard can it be to stop hackers?????

Using the Cloud seems to be a huge weakness.

Up
1
Up
1

Why do you hate the USA / West so much?

Up
1

Their actions towards each other confirm self loathing hatred, only surpassed by their stated intentions towards the likes of Russia etc. Small video clip

Up
2

If you haven't worked it out yet humans aren't very nice to each other as individuals or groups (and it is not just the West) 

Up
2

I wonder if those cyber criminals uplifted by the Chinese authorities from Fiji were in fact state hackers being rescued before they were discovered. Conspiracy theory? Perhaps?

Up
1

Interesting timing.

Up
1

Yes. And since when have the Chinese authorities ever been worried about this sort of thing going on in China, let alone in another country. Very suspicious.

Up
0
Up
2

Call them out. Too right. If they want to publicly call us out in return then let them do it.

Pardon? 

Thought so.

Up
0