Stay up to date with notifications from The Independent

Notifications can be managed in browser preferences.

China accused of ‘systematic cyber sabotage’ by UK and international allies

The attacks, the allies charge, are carried out by criminal hacking groups with the active backing of China’s Ministry of State Security

Kim Sengupta
Diplomatic Editor
Monday 19 July 2021 14:54 EDT
Comments
China is accused of being a global threat through its use of cyberwarfare
China is accused of being a global threat through its use of cyberwarfare (Reuters)

Your support helps us to tell the story

From reproductive rights to climate change to Big Tech, The Independent is on the ground when the story is developing. Whether it's investigating the financials of Elon Musk's pro-Trump PAC or producing our latest documentary, 'The A Word', which shines a light on the American women fighting for reproductive rights, we know how important it is to parse out the facts from the messaging.

At such a critical moment in US history, we need reporters on the ground. Your donation allows us to keep sending journalists to speak to both sides of the story.

The Independent is trusted by Americans across the entire political spectrum. And unlike many other quality news outlets, we choose not to lock Americans out of our reporting and analysis with paywalls. We believe quality journalism should be available to everyone, paid for by those who can afford it.

Your support makes all the difference.

Britain and its international partners have accused China of being a global threat carrying out “systematic cyber sabotage” on a massive scale, using criminal hacking groups for spying, data theft, blackmailing businesses and targeting political opponents.

Just one attack, on Microsoft Exchange email services, affected a quarter of a million servers worldwide, ranging from government departments and security installations to commercial concerns and civic society organisations.

The organised hacking last March was one of an increasing number of hacking missions instigated by Beijing, according to a newly formed alliance of states that publicly identifies Beijing as being responsible for aggressive cyber warfare in its first joint statement, and warns that “it will be held to account” over its aggressive actions.

The group formed by the US and other Nato member states, the European Union, Australia, New Zealand and Japan has agreed to pool resources to counter the offensive through sharing intelligence and technology.

The attacks, the allies charge, are carried out by criminal hacking groups with the active backing of China’s Ministry of State Security. Their wide-ranging and expanding activities include not just espionage, but extortion by spreading ransomware and cryptojacking.

The state-sponsored blackmail means that the Chinese government is complicit in demanding millions of dollars from private companies in exchange for digital keys that allow victims to regain access to their computer networks, say western security officials.

The British government has named a number of hacking groups as being backed by Beijing’s State Security Ministry for political and commercial intelligence gathering, to destabilise states and use clandestine means in pursuit of foreign policy.

Responsible states do not indiscriminately compromise global network security nor knowingly harbour cyber criminals – let alone sponsor or collaborate with them

Antony Blinken, US Secretary of State

The National Cyber Security Centre (NCSC) identified “APT40” and “APT31”, HAFNIUM, TEMP.Periscope, TEMP.Jumper. Leviathan, Judgement Panda, Zirconium and Red Keres as responsible for the attacks. As well as the Micrsoft infiltration, they had targeted defence contractors in Europe and US, political figures critical of Beijing, the parliament in Finland, elections in countries neighbouring China, and opponents of Beijing’s “Belt and Road” programme – a strategy seen as promoting Chinese hegemony through debt dependency.

In the US, the National Security Agency, FBI and Cybersecurity and Infrastructure Security Agency published details of more than 50 tactics Chinese state-sponsored hackers use when targeting western networks, including spearphishing emails with malicious attachments and exploitation of public-facing applications.

The accusations against the Chinese government came on the same day that indictments were unsealed in Washington showing that the US administration has charged four Chinese nationals affiliated with the Ministry of State Security with a campaign to hack into computer systems of dozens of companies, universities and government agencies in the US and abroad between 2011 and 2018. The documents allege that Ebola vaccine research was among the hackers’ targets.

The British foreign secretary, Dominic Raab, said: “The Chinese government must end this systematic cyber sabotage and can expect to be held account if it does not.”

The US secretary of state, Antony Blinken, said: “Responsible states do not indiscriminately compromise global network security nor knowingly harbour cyber criminals – let alone sponsor or collaborate with them. These contract hackers cost governments and businesses billions of dollars in stolen intellectual property, ransom payments, and cybersecurity mitigation efforts, all while the MSS ( Ministry of State Security) had them on its payroll.”

The European Union’s foreign policy chief, Josep Borrell, added that the cyberattack was conducted from China and “resulted in security risks and significant economic loss for our government institutions and private companies”.

Join our commenting forum

Join thought-provoking conversations, follow other Independent readers and see their replies

Comments

Thank you for registering

Please refresh the page or navigate to another page on the site to be automatically logged inPlease refresh your browser to be logged in