The UK government has announced that Chinese state-affiliated organisations and individuals were responsible for two cyber campaigns aimed at democratic institutions and parliamentarians.
This revelation, supported by international allies, highlights ongoing concerns about cyber activities targeting democratic processes.
Partners across the Indo-Pacific and Europe have expressed their support for the UK’s efforts to address these malicious activities.
Electoral commission systems likely compromised
The UK’s National Cyber Security Centre (NCSC), part of GCHQ, has assessed that the UK Electoral Commission systems were likely compromised by a Chinese state-affiliated entity between 2021 and 2022.
This attack forms part of a broader pattern of cyber activities aimed at undermining democratic institutions.
In a separate incident in 2021, NCSC has determined it is almost certain that Advanced Persistent Threat Group 31 (APT31), associated with China, conducted reconnaissance against UK parliamentarians.
The targets were primarily those who had been vocal in criticising China. However, no parliamentary accounts were successfully compromised during this campaign.
Diplomatic and sanction responses
In response to these cyber threats, the UK’s Foreign, Commonwealth and Development Office summoned the Chinese Ambassador and imposed sanctions on a front company and two individuals linked to APT31.
The United States is also taking similar actions against the same individuals and entity. This coordination underscores the importance of international cooperation in addressing cyber threats.
Foreign Secretary Lord Cameron emphasised the UK’s commitment to defending its democratic institutions, stating that these attempts by China to interfere have been unsuccessful.
The government remains vigilant against such threats and has made it clear that they will not tolerate any malicious cyber activities.
UK government stance on cyber security
Deputy Prime Minister Oliver Dowden reiterated the UK’s zero-tolerance policy towards cyber activities targeting democratic institutions, stating that protecting the democratic system is a priority.
The Defending Democracy Taskforce continues to work on strengthening resilience against such threats.
The UK government and its allies call on China to act as a responsible cyber actor and continue to expose any malicious activities that threaten national security and democracy.
The Defending Democracy Taskforce and the National Security Act 2023 provide essential tools for disrupting hostile activities, and the NCSC offers guidance to help individuals and organisations bolster their cyber defences.