The UK government has formally accused China of being behind what it called “malicious” cyber campaigns against MPs and the Electoral Commission.
Two people and a company have been sanctioned over cyber-attacks. Deputy PM Oliver Dowden said they were behind attempts to access details of MPs critical of Beijing, as well as the data of potentially 40 million voters. The Chinese embassy in the UK says these are “completely unfounded” claims amounting to “malicious slander”. The two Chinese nationals sanctioned by the UK are Zhao Guangzong and Ni Gaobin and the company is Wuhan Xiaoruizhi Science and Technology Company Ltd, said by the British government to work for the China state-affiliated cyber espionage group Advanced Persistent Threat Group 31 (APT31). The UK sanctions will freeze assets, barring UK citizens and businesses from handling their funds or resources. A travel ban will also prevent them from entering or remaining in the UK. “The UK will not tolerate malicious cyber activity,” Mr Dowden said. “It is an absolute priority for the UK government to protect our democratic system and values.” The Chinese ambassador is being called in to be held “to account for China’s conduct in these incidents”, Mr Dowden added. The US has announced that the same two Chinese nationals are among a group of seven facing criminal charges of conspiracy to commit computer intrusions and conspiracy to commit wire fraud in New York. Authorities in New Zealand have also accused China of targeting its parliamentary network in 2021, with the country’s defence minister Judith Collins saying the Chinese state-sponsored group known as APT40 was behind the hacking activity. But New Zealand said it would not introduce sanctions, as it was not part of the government’s legislative agenda. The cyber attack on the UK Electoral Commission between August 2021 and October 2022 was one of the most significant in British history. Not only were databases containing names and addresses of people accessed, but also sensitive emails from its “control systems” and between election officials over six by-elections. However, Mr Dowden said the security of elections had not been compromised and “typically does not create a risk to those affected”.