Cyber Security News

Chinese State-Backed Hackers Indicted and Sanctioned by the US and UK

US and British authorities have unveiled sweeping allegations of state-sponsored cyber attacks by China, accusing hackers linked to Beijing of engaging in a decade-long campaign to steal trade secrets, track dissidents and pro-democracy figures, and obtain data on millions of British voters.

The U.S. Department of Justice unveiled criminal charges against seven Chinese nationals tied to hacking operations, while both Washington and London imposed sanctions and other restrictive measures on the Wuhan-based technology company that allegedly served as a front for hacking operations. The actions represented a forceful show of transatlantic unity against what Western officials portrayed as relentless cyber attacks from China.  

At the heart of the allegations is a notorious hacking group known by names like APT31 or "Zhenhua" that prosecutors say is effectively an arm of China's main intelligence service, the Ministry of State Security. Officials accused the group of unleashing a vast cyber spree dating back over 10 years that indiscriminately targeted organizations and individuals around the world.  

Decade-long attacks spanned commercial and government entities 

The victims outlined by U.S. and British authorities were far-ranging. According to prosecutors, APT31 hacked into computer systems belonging to companies in fields like aerospace, defense contracting, technology and manufacturing, pilfering trade secrets and other sensitive data along the way.

The group also infiltrated U.S. government computer networks at agencies involved in national security matters. Several U.S. politicians were swept up as victims too, including staffers tied to at least one presidential campaign in the run-up to the 2020 election, prosecutors claimed. APT31 is also allegedly behind cyber espionage operations in 2021 that targeted the email accounts of multiple UK members of parliament. 

APT31 is accused of going after dissidents, pro-democracy activists, journalists and others who have been critical of the Chinese Communist Party. The hackers even tracked the spouses of some senior U.S. officials in efforts to compile intelligence, according to charging documents. The aim of the global hacking operation was to "repress critics of the Chinese regime, compromise government institutions, and steal trade secrets," Deputy U.S. Attorney General Lisa Monaco said in a statement. 

The UK government has also accused a separate China-backed hacker of a 2021 cyberattack that compromised the personal data of roughly 40 million voters from the Electoral Commission's register, affecting individuals registered between 2014 and 2022. The breach was not detected until a year later, in 2022. "China's support for the hackers presents an epoch-defining challenge and the greatest state-based threat to our economic security," stated British Prime Minister Rishi Sunak.

Chinese officials pushed back forcefully against the allegations, with a Foreign Ministry spokesperson dismissing them as "disinformation" and "groundless accusations." A spokesman for the Chinese embassy in Washington echoed those sentiments. The heated statements reflect rapidly intensifying strategic tensions between the U.S. and its allies on one side, and an increasingly assertive China on the other.

The revelations add to a growing list of cyber attacks over the years that have been linked to the Chinese government as part of a broader geopolitical spying and economic espionage campaign. In 2015, U.S. officials accused Beijing of orchestrating one of the biggest-ever digital thefts after suspected state-backed hackers stole over 22 million security clearance records on federal employees.