US and UK Sanction China Over Alleged Cyber Spying

March 27, 2024

US and UK uncover sanctions offered against hackers backed by the Chinese state over recent malicious attacks that took place. In order to counter cyber threats, the United States and the United Kingdom took coordinated action by imposing sanctions on individuals and groups linked to China. The sanctions come in response to allegations of an extensive cyber espionage campaign orchestrated by China, targeting politicians, journalists, critics of Beijing, and strategically important companies and government officials. The announcement, made on Monday, March 25, 2024, reveals the alarming scale and severity of the cyber attacks, which have been previously reported but not to this extent.

Background

The relationship between China and Western nations, and in particular the United States, marks the escalating tensions in recent years. Concerns over cyber security, intellectual property theft, and human rights violations have been at the forefront of these tensions. The US has repeatedly accused China of engaging in state-sponsored hacking activities, aimed at gaining economic and strategic advantages by targeting American companies and government agencies.

Group of hackers

The US and UK have identified the hacking group behind the alleged cyber espionage campaign as Advanced Persistent Threat 31 (APT 31), also known by various monikers such as Zirconium, Violet Typhoon, Judgment Panda, and Altaire. The US Department of Justice states that APT 31 operates under the directives of China’s Ministry of State Security, based in the city of Wuhan. This group has been implicated in high-profile attacks in the past, including the targeting of personal emails belonging to campaign staff working for Joe Biden in 2020.

Cyber espionage campaign – possible targets

The alleged cyber espionage campaign launched by APT 31 had a wide range of targets, including:

  • Politicians and government officials who have been critical of China
  • Journalists and media organizations
  • Human rights activists and advocates for democracy
  • Companies of strategic importance in sectors such as defense, telecommunications, and manufacturing
  • Academics and researchers working on sensitive topics related to China

Cyber attacks – techniques employed

APT 31 allegedly employs sophisticated techniques to infiltrate the computer systems and networks of their targets. These techniques included:

  • Spear-phishing emails containing malicious links or attachments
  • Exploitation of software vulnerabilities, such as the Microsoft Exchange Server zero-day vulnerabilities
  • Malware designed to evade detection by antivirus software
  • Credential theft and password spraying attacks to gain unauthorized access to accounts
  • Supply chain attacks to compromise third-party software providers and infiltrate target networks

The group also resorted to social engineering tactics to deceive victims into revealing sensitive information or granting access to their systems.

Cyber espionage campaign and its impact

The alleged cyber espionage campaign faces far-reaching consequences for the targeted individuals and organizations, as well as for the broader international relations between China and Western countries. Some of the notable impacts include:

  • Compromise of sensitive data, including intellectual property, trade secrets, and personal information
  • Disruption of business operations and financial losses for affected companies
  • Intimidation and silencing of critics and dissidents, undermining freedom of expression and human rights
  • Erosion of trust in the global technology supply chain and the integrity of software and hardware components
  • Heightened tensions between China and the US, UK, and other allies, leading to further economic and diplomatic sanctions

The US and UK governments stresses the necessity for a unified international response to counter such malicious cyber activities and hold the perpetrators accountable.

Response from China

The Chinese Ministry of Foreign Affairs has countered by accusing the US and UK of hypocrisy, pointing to their own extensive surveillance programs and cyber capabilities. China asserts that it is a strong advocate for cybersecurity and has consistently called for international cooperation to address global cyber threats.

Implications on an international level

The imposition of sanctions on China by the US and UK in response to the alleged cyber espionage campaign carries significant international implications. It underscores the growing concern among Western countries regarding China’s increasingly assertive behavior in cyberspace and its use of cyber operations to further its strategic interests.

« »

Month: 

Category: 

Leave a Reply