In March last year an integrated review of the UK’s defence and foreign policy said it would protect the country’s “democratic freedoms” from Chinese state attacks.
A few months later the Electoral Commission confirmed why democratic institutions and processes were on the threat list as it revealed that a cyber-attack – by a then unidentified assailant – had accessed the data of 40 million voters.
On Monday the UK government said an unnamed Chinese state-backed actor was behind the sortie and that a Beijing-affiliated group, called APT31, was likely to have been responsible for targeting the email accounts of four British parliamentarians who have been critical of China.
The list of targets cited by the integrated review went beyond democratic institutions and processes however, and outlined the scale of the Chinese cyber-threat. The economy, critical national infrastructure and supply chains were also mentioned. Last year the all-party intelligence and security committee of parliament said China had the resources to target the UK “prolifically and aggressively”, referring to “hundreds of thousands of civil intelligence officers” and a “highly capable and increasingly sophisticated cyber-espionage operation”.
The Electoral Commission was just the latest target of a data-gathering operation that is global and is “being done on an industrial scale”, according to Alan Woodward, a professor of cybersecurity at Surrey University.
While names and addresses on their own are not enough to pose a substantial threat to electoral integrity, they could be combined with other data to target specific voters in swing seats, he said.
“The attackers were able to walk off with what on the face of it does not sound like high-value data. But when you combine it with information elsewhere, like social media accounts, you can start to narrow it down to specific individuals or groups that should be targeted,” he said.
In a recent report, the US cybersecurity firm Secureworks said it had seen Chinese hackers attack organisations around the world deemed a high priority for Beijing’s economic strategy including biotechnology, aerospace, renewable energy and microchips. The aim of the attacks was to secure data and intellectual property.
Defence industry supply chains in the western world have also been targeted. In 2022 the director of the FBI, Christopher Wray, warned western companies that China was trying to “ransack” their intellectual property. In the same year a Chinese government intelligence officer was sentenced to 20 years in prison in the US for crimes including an attempt to steal aircraft engine technology from General Electric.
Don Smith, the vice-president of threat research at Secureworks, said China could run the “full gamut” of cyber operations. The latest incidents outlined by the UK government on Monday were consistent with a wide-ranging strategy, he added, which covers intellectual property theft, targeting rival states such as the UK and attacking non-governmental organisations.
“The Chinese are involved in the full gamut of cyber operations,” Smith said. “These range from traditional cyber-espionage for reasons of national security, to carrying out cyber-espionage for commercial advantage and targeting those perceived to be enemies of the Chinese state.”
In a statement on Monday, the US deputy attorney general, Lisa Monaco, said China’s global hacking operation aimed to “repress critics of the Chinese regime, compromise government institutions and steal trade secrets”, as the US charged seven alleged Chinese hackers with conspiracy to commit computer intrusions and wire fraud in a day of joint action with the UK.
China wants to be a world-leading power in the field of artificial intelligence. According to some observers, this could be where the Electoral Commission hack, and others like it, have serious consequences as half the world heads to the polls this year.
Darktrace, a British cybersecurity firm, said on Monday the adoption of generative artificial intelligence – which can create plausible audio, text and image from a simple hand-typed prompt – has the potential to “increase levels of disruption and allow for more sophisticated techniques to sow misinformation, access sensitive information and influence voters”.
Oliver Dowden, the deputy prime minister, said on Monday the UK “will not hesitate to take swift and robust actions wherever the Chinese government threatens the United Kingdom’s interests.”
Those threats will undoubtedly continue – and not just for the UK.