Britain on Monday accused Chinese hackers of trying to break into email accounts of British lawmakers who were critical of China and said a separate Chinese entity was behind a hack of its electoral watchdog that compromised millions of people's data.
In response to the attempted hack in 2021 of emails belonging to British politicians who are critical of China, Britain imposed sanctions on two people and one company linked to state-backed Chinese hacking group APT31.
Britain also said an unidentified Chinese state-affiliated hacking group was behind a separate 2021-2022 cyber-attack on Britain's Electoral Commission. That hack was disclosed last year but Britain had not previously said who was responsible.
Deputy Prime Minister Oliver Dowden told parliament the attacks "demonstrate a clear and persistent pattern of behaviour that signals hostile intent from China", adding the foreign office had summoned the Chinese ambassador to explain.
Conservative MP Iain Duncan Smith, one of the targeted lawmakers, said Beijing should be labelled a threat to the UK. He was one of several UK MPs sanctioned by China in 2021 because of criticisms of human rights abuses against China's Uyghur minority and in Hong Kong.
China has responded to hacking allegations by the United Kingdom stating that evidence the country provided was insufficient, a spokesperson for the Chinese foreign ministry said on Tuesday. "Britain's accusation is unprofessional," the Chinese foreign ministry spokesperson said.
Strained ties
The British government is attempting to strike a delicate balance between trying to neutralise security threats posed by China while maintaining or even enhancing engagement in some areas such as trade, investment and climate change.
But there has been growing anxiety about China’s alleged espionage activity in Britain, particularly ahead of a general election expected later this year.
Tensions between Beijing and Western powers over issues related to cyberespionage have been rising as Western intelligence agencies increasingly sound the alarm on Chinese state-backed hacking activity.
Last month, security officials told Reuters that the US government had launched an operation to fight a pervasive Chinese hacking operation that compromised thousands of internet-connected devices.
Days later, Dutch intelligence agencies said Chinese cyberspies had gained access to a military network in The Netherlands in what they said was a trend of Chinese political espionage.
APT31, the Chinese hacking group Britain claims was behind the targeting of lawmaker emails, has a history of spying on politicians and their staff.
In 2020, security researchers at Google and Microsoft warned that the group had targeted the personal emails of campaign staff working for U.S. President Joe Biden. According to U.S. cybersecurity firm Secureworks, APT31 has also targeted legal, consulting, and software development firms.
Britain has spent the last year trying to improve ties with China after the relationship sunk to its lowest point in decades under former Prime Minister Boris Johnson, when London restricted some Chinese investment over national security worries and expressed concern over a crackdown on freedoms in Hong Kong.
Dan Lomas, an intelligence and security analyst at the University of Nottingham, said Britain's decision to call Beijing out publicly showed the government was willing to challenge China.
It is “unlikely that sanctions and harsh words will significantly alter trade between the UK and China," he said. "But we are going to see a war of words."
Concerted efforts
In rare and detailed public accusations against China - the United States, Britain and New Zealand on Monday described a series of cyber breaches over the last decade or more in what appeared to be a concerted effort to hold Beijing accountable.
In response, China on Tuesday insisted it "opposes and cracks down on all forms of cyberattacks" and accused the US of using the Five Eyes spying alliance "to compile and disseminate false information about threats from Chinese hackers".
"China firmly opposes this, has made strong demarches with the United States and relevant parties," foreign ministry spokesperson Lin Jian said.
This week's revelations follow a massive leak of data from a Chinese tech security firm in February, which experts said showed the company was able to breach foreign governments, infiltrate social media accounts and hack personal computers.
The trove of documents from I-Soon, a private company that competed for Chinese government contracts, shows that its hackers compromised more than a dozen governments, according to cybersecurity firms SentinelLabs and Malwarebytes.
In recent years, Western nations have been increasingly willing to expose malicious cyber operations, and to point fingers at foreign governments -- most notably China, Russia, North Korea and Iran.
Both Russia and China have been accused of using cutouts and off-site groups to carry out cyberattacks, making attribution more difficult. (Agencies)
Damian Talbot