A top Chinese diplomat was brought into the Foreign Office on Tuesday after the British government called for a cyber attack on the election commission and parliamentarians.
The Chinese chargé d’affaires in London was summoned for a formal unveiling, the prime minister’s official spokesman said. It is understood that Ambassador Zheng Zeguang is leaving the United Kingdom.
The prime minister’s spokesman denied criticism from several MPs that the government was deferring to Beijing after it announced limited sanctions against two Chinese individuals and a company over previous hacking.
“Where necessary, we always take action in the national interest to defend our critical national infrastructure, address foreign interference and strengthen our capabilities,” he said.
Asked about reports that the government could force Chinese state-owned companies to register for further scrutiny in Britain of a foreign agent scheme, the spokesman said: “The scheme is currently being finalized and no countries have been specified yet.
“As the Deputy Prime Minister (Oliver Dowden) said yesterday, there is a case for adding China, but there is a process to go through and it would not be appropriate to speculate on which countries might be specified in the future .” Education Minister Gillian Keegan said on GB News that the action announced on Monday was a “first step”.
She added: “It is clearly a complex issue.
“It is clear that we also want to prevent trade problems from arising.
“It is complex, but we must also be steadfast and we have worked with our allies to understand the threats we face.
“You have national security, but you also have a major trading partner… we get a lot of our imports from China.
“We take informed responses. We will always be vigilant… national security is the most important thing.”
Britain and the United States have accused China of a global campaign of “malicious” cyber attacks in an unprecedented joint operation to expose Beijing’s spying.
Britain has publicly blamed China for attacking the election commission watchdog and for being behind an online “reconnaissance campaign” targeting the email accounts of MPs and peers.
Chinese spies are likely to use the stolen data to attack dissidents and critics of Xi Jinping’s government in Britain, British intelligence services believe.
US officials said the hacking group APT31 has targeted the sensitive data of politicians, journalists, academics, dissidents and US companies for more than a decade.
The “prolific global hacking operation” backed by the Chinese government aimed to “suppress critics of the Chinese regime, compromise government institutions and steal trade secrets,” US Deputy Attorney General Lisa Monaco said.
The hackers sent more than 10,000 “malicious” emails to the targets to gain access to personal information, US prosecutors said, adding that the criminals threatened to “undermine democracies and threaten our national security.”
The US on Monday indicted seven of the alleged Chinese hackers.
Seven hackers linked to the Chinese government charged with computer intrusions targeting perceived critics of China and US companies and politicians https://t.co/nL5Wuh7mev
— U.S. Attorney EDNY (@EDNYnews) March 25, 2024
Britain said Beijing-linked hackers were behind the attack on the electoral commission, which exposed the personal data of 40 million voters, as well as 43 people including MPs and peers.
A front company, Wuhan Xiaoruizhi Science and Technology Company, and two individuals, Zhao Guangzong and Ni Gaobin, associated with the hacking group APT31, were sanctioned in response to the hacks.
However, some lawmakers targeted by Beijing said the response did not go far enough.
They urged the government to toughen its stance on China by labeling the country a “threat” to national security rather than an “epoch-defining challenge,” and to place China on the “strengthened” rank under the Foreign Influence Registration Scheme.
Conservative former minister Tim Loughton told Sky News: “We are going to impose sanctions on two people, two fairly modest officials, and a private company, which employs 50 people. That’s just not good enough.”
Mr Dowden, who announced the measures in a House of Commons statement, appeared to suggest that China could soon be declared a “threat”.
He told MPs that “we are currently in the process of reaching a collective government agreement” on the issue, and that “the behavior I have described today will clearly have a very strong influence on the decision we make”.
Cabinet tensions over the issue have reportedly surfaced, with some ministers pushing for tougher action against Beijing while others push back against concerns it could damage economic and trade ties.
Foreign Secretary Lord Cameron said the actions were “completely unacceptable” and he had raised the issue with his Chinese counterpart Wang Yi.
The Chinese ambassador has also been summoned to the Ministry of Foreign Affairs to answer for his country’s actions.
Hostile actors were active in our systems and had access to servers containing our email, control systems and copies of the electoral rolls. Since then, we have been working with external security experts and the National Cyber Security Center to investigate and secure our systems.
— Electoral Commission (@ElectoralCommUK) August 8, 2023
The Electoral Commission attack was identified in October 2022, but at that point the hackers had already had access to the commission’s systems containing the data of tens of millions of voters for more than a year.
The registers kept at the time of the cyberattack included the name and address of everyone in Britain registered to vote between 2014 and 2022, as well as the names of those registered as overseas voters.
The National Cyber Security Center (NCSC), part of GCHQ, said it was likely that Chinese state-linked hackers had stolen emails and electoral register data.
Combined with other data sources, this was most likely used by Beijing’s intelligence services for large-scale espionage and transnational suppression of suspected dissidents and critics in Britain.
There is no evidence the hack has had any impact on Britain’s largely paper-based electoral system.
Mr Dowden stressed that the local elections in May and the general election later this year would be safe from Chinese cyber attacks.
He told the PA news agency: “Yes, I can guarantee that our election processes will be secure.”
Britain acted with the support of allies in the Five Eyes intelligence-sharing partnership, which also includes the US, Canada, Australia and New Zealand, in identifying the China-linked cyber campaigns.
On Tuesday, New Zealand suspected hackers linked to the Chinese government launched a state-sponsored operation targeting the country’s parliament in 2021.
Minister responsible for the Government Communications Security Bureau (GCSB), Judith Collins, said in a statement: “The GCSB’s National Cyber Security Center (NCSC) has completed a robust technical review following a compromise between the Parliamentary Counsel Office and the Parliamentary Service in 2021. and has attributed this activity to a PRC (China) state-sponsored group known as APT40.
“Fortunately in this case, the NCSC worked with the affected organizations to contain the activity and remove the actor shortly after gaining access to the network.”
She added that New Zealand will not follow the UK and US in sanctioning China because the country has no law allowing such punishments.
The Chinese government strongly denied that it had carried out, supported or encouraged cyber-attacks on Britain, describing the claims as “completely fabricated and malicious slander”.
A spokesperson for the Chinese Embassy in London said: “China has always vigorously combated all forms of cyber attacks in accordance with the law.
“China does not encourage, support or tolerate cyber attacks.
“At the same time, we oppose the politicization of cybersecurity issues and the baseless denigration of other countries without factual evidence.
“We urge the relevant parties to stop spreading false information and put an end to their self-staged anti-China political farce.”