On Monday, the U.S. Justice Department revealed charges against Chinese hackers, accusing them of long-term cyberattacks on American businesses and officials. The indictment named seven individuals allegedly part of a hacking group that, for over a decade, targeted those critical of China. This group, known as Advanced Persistent Threat 31 (APT31), is said to have attempted to infiltrate many counties’ computer systems and commit espionage and fraud.
U.S. Attorney General Merrick B. Garland emphasized that such actions against America, aimed at intimidating American public servants, silencing dissidents, and stealing business information, will not be tolerated. He highlighted this case as a stark reminder of the lengths China may go to in undermining its critics and threatening the security of the U.S. and its allies.
The United Kingdom has also accused Chinese hackers of launching harmful cyberattacks against political figures and claiming that they obtained the personal data of many U.K. voters. Oliver Dowden, the British Deputy Prime Minister, said that these Chinese hackers were behind the 2021 and 2022 cyberattacks aimed at the U.K.’s democratic systems and politicians.
Dowden also believes China engaged in attempts to spy on British lawmakers’ email accounts, explicitly calling out APT31 for its role in the hacks. While he confirmed that the email breach attempts were unsuccessful, he noted that this incident is part of a consistent pattern of aggressive actions traced back to China. Consequently, the U.K. has imposed sanctions on two individuals in China and an organization connected to APT31.
APT31, also known as Zirconium, is a group linked to Chinese government-sponsored cyber activities. They consist of intelligence agents, hackers, and support staff who engage in hacking and other harmful online actions. This group has been around for more than ten years and is known for targeting a wide range of people and organizations globally, including government officials, journalists, and businesses, for spying and financial gain.
APT31 is believed to operate through Wuhan Xiaoruizhi Science and Technology Co, a front company with ties to China’s Ministry of State Security. It has been implicated in various cyberattacks, including ones on the Finnish Parliament and other significant breaches.
The Chinese Embassy in the U.K. has vehemently denied these accusations, calling them completely made up and harmful lies. A spokesperson from the embassy insisted that China “always strictly opposes cyberattacks” and deals with them according to the law.
However, New Zealand begs to differ and points to malicious cyber activity linked to APT31 targeting its parliament. New Zealand’s Foreign Minister Winston Peters said that “foreign interference of this nature is unacceptable” and that he has “urged China to refrain from such activity in future.” New Zealand has conducted an in-depth security assessment to stop any further activity.
Even Australia is not immune from Chinese cyber-attacks. In 2019, Australian intelligence reported that China was behind a cyberattack targeting the country’s national parliament and its three major political parties prior to a general election. However, the Australian government declined to identify any particular Chinese hacker group.
China’s alleged hacking of other countries’ computers serves multiple purposes, including espionage, economic gain, political influence, cyber warfare, and intimidation. Through these actions, China aims to gather intelligence on foreign governments and military capabilities, steal intellectual property from businesses and research institutions, potentially manipulate political processes, infiltrate critical infrastructure systems for strategic advantage, and intimidate critics of the Chinese government worldwide. These activities are part of a larger strategy to advance China’s national interests, assert its global influence, and solidify its position as a leading world power.
China consistently denies accusations of cyberattacks, rejecting them as unfounded and politically motivated. Despite international pressure, China has not yet threatened retaliation for the claims but continues to deny them and call for an end to what it perceives as “political manipulation.”
However, expert analysis strengthens the arguments linking China to significant cyberattacks. Through technical forensics, cybersecurity experts and government agencies investigate these attacks by examining unique patterns of malware and operational strategies associated with Chinese cyber groups. The goals and methods of these cyberattacks often align with China’s strategic interests, providing further support for the involvement of Chinese government-backed entities.
New Zealand has joined the ranks of those targeted by China and is joining forces with other affected countries, including the United States, to condemn APT31. Experts caution that China’s cyberattacks are becoming more capable and frequent, indicating a troubling trend that could escalate further. They argue that these attacks assess foreign governments’ reactions and are part of a larger strategy.
It’s a bold new type of warfare, with key players brought to you by Wuhan, the same city that unleashed a global pandemic. It’s a war that will take place in cyberspace, with implications that very well may bring the world to its knees.
