The United States and United Kingdom on Monday accused Chinese government-linked hackers of conducting a large-scale cyber espionage campaign targeting a wide range of individuals and entities since 2010.

In a coordinated response, the U.S. Department of Justice indicted seven individuals believed to be in China and part of the hacking group APT31. The UK government sanctioned a company and two individuals linked to a separate breach targeting potentially millions of voters.

American and British officials allege the campaign aimed to:

• Harass critics of China: This included journalists, activists, and political figures.
• Steal trade secrets: The hackers targeted American corporations.
• Conduct surveillance: They monitored high-level political figures in the U.S.

Methods and Targets

The hackers reportedly sent over 10,000 malicious emails to targets, which often appeared to be from prominent news outlets or journalists. These emails contained hidden tracking links that, when opened by the recipients, transmitted information about the victims’ location, internet protocol (IP) addresses, network schematics, and specific devices used to access the email accounts to a server controlled by the hackers. 

This information was then used to enable more direct and sophisticated targeted hacking, including compromising the victims’ home routers and other electronic devices

The indictment also revealed hacking attempts on routers and devices at the residences of prominent U.S. politicians, journalists, and international critics of China.

UK breach

British authorities investigating a separate breach say it did not affect voters’ rights or electoral processes. However, they confirmed hackers attempted to gather information on British parliamentarians critical of China in 2021, though no parliamentary accounts were compromised.

China Denies Allegations

China has rejected the accusations, calling for evidence-based discussions and criticizing the politicization of cybersecurity issues. Both the Chinese Foreign Ministry and embassy in the U.S. have called the claims “baseless” and a “distortion of facts.”

This incident highlights broader concerns about cybersecurity and foreign influence, particularly with major elections approaching. Both the U.S. and UK have pledged to protect their national security and democratic processes from such cyber threats, emphasizing the need for vigilance against foreign interference.Ⓒ