In a recent revelation, the Chinese Espionage campaign orchestrated by state-linked hackers targeted high-profile European politicians, including the Czech Republic’s foreign minister and Britain’s Europe minister.
The United States, in conjunction with the United Kingdom, unveiled details of the 2021 online campaign by hackers associated with China’s Ministry of State Security. The U.S. Department of Justice issued indictments, while the U.K. imposed sanctions on the hacking group known as APT31.
According to the U.S. indictment, the hackers, under the guise of APT31, launched a sophisticated campaign that involved sending over 1,000 emails to more than 400 unique accounts belonging to members of the Inter-Parliamentary Alliance on China (IPAC). Their objective was to gather data on the internet activities and digital devices of IPAC members critical of Beijing.
What is IPAC ?
The Inter-Parliamentary Alliance on China (IPAC) is an open, free and rules-based international order that supports human dignity. It is created so that like-minded countries can join in to participate actively in its governance and enforcement. It also aims to construct appropriate and coordinated responses, and to help craft a proactive and strategic approach to issues related to China.
The IPAC has 8 participating nations– US, Germany, UK, Japan, Australia, Canada, Sweden, Norway.
Chinese Espionage
Chinese espionage refers to the covert activities conducted by Chinese government agencies or affiliated entities to gather intelligence, technology, political, or economic information from foreign governments, organizations, or individuals. This espionage can take various forms, including cyberattacks, human intelligence operations, infiltration of institutions, and covert influence campaigns. The goals of Chinese espionage may include advancing China’s national security interests, bolstering its military capabilities, supporting its economic development, and protecting the ruling Communist Party’s power and ideology. Chinese espionage activities have been a subject of concern and scrutiny for many countries and international organizations due to their scale, sophistication, and potential impact on global security and stability.
Among the targets of APT 31 were British Minister for Europe Nusrat Ghani and Czech Foreign Minister Jan Lipavský, both IPAC members. Lipavský, commenting on the incident, emphasized the need for trans-Atlantic cooperation in addressing China’s escalating assertiveness.
Ghani, who was a parliament backbencher at the time of the attacks, had previously raised concerns in the U.K. parliament about Chinese hacking activities targeting IPAC members.
The indictment further revealed that China had targeted 43 U.K. parliamentary accounts, predominantly belonging to IPAC members.
U.S. prosecutors disclosed that the Chinese hacking group APT31 had been conducting cyberattacks on American political and state officials since at least 2015.
What is APT31?
Advanced Persistent Threat Group 31 (APT31) is a collective of Chinese state-sponsored intelligence officers, contract hackers and attendant staff that engage in hacking activities and “malicious cyber operations” according to the U.S. Treasury department in a statement. APTs are a general term for cyber actors or groups, often state-backed, that engage in malicious cyber activities.
The group, also known as Zirconium, operated through a front company, Wuhan Xiaoruizhi Science and Technology Company (Wuhan XRZ), from at least 2010 until January 2024, according to a U.S. indictment filed in New York’s eastern district court on Monday. It is allegedly linked to China’s Ministry of State Security (MSS) in the province of Hubei.
The hackers utilized various tactics, including impersonating American journalists to extract information from victims.
Although more harmful software tools were employed in other campaigns targeting the U.S., the OFAC indictment did not specify their use against European targets in the 2021 email campaign aimed at IPAC members.
While the European Union has not publicly acknowledged the impact on European lawmakers detailed in the U.S. indictment, it expressed solidarity with the U.K. and were still investigating the assertions made by the U.S.
