cyber daily logo

Breaking news and updates daily. Subscribe to our Newsletter

Breaking news and updates daily. Subscribe to our Newsletter X facebook linkedin Instagram Instagram

Australia, US and UK blame China for cyber espionage campaign, Paterson calls for sanctions

China has been accused by the US and the UK of being behind a major cyber espionage campaign, after millions had been affected by cyber incidents.

user icon Daniel Croft
Tue, 26 Mar 2024
Australia, US and UK blame China for cyber-espionage campaign, Paterson calls for sanctions
expand image

According to reports from both nations, political staff and politicians from both the US and the UK were among those affected, including US senators, staff in the White House, and British parliamentarians.

Now the campaign has been attributed to the Chinese APT31 hacking group, which the US and the UK believe has connections with the Chinese Ministry of State Security.

“Over 10,000 malicious emails, impacting thousands of victims, across multiple continents. As alleged in today’s indictment, this prolific global hacking operation – backed by the PRC government – targeted journalists, political officials, and companies to repress critics of the Chinese regime, compromise government institutions, and steal trade secrets,” said Deputy Attorney General Lisa Monaco.


The US Department of Justice (DOJ) has now indicted seven Chinese nationals that were part of the hacking group.

“The People’s Republic of China (‘PRC’) conducted intelligence activities using a variety of sources, including through the Ministry of State Security (‘MSS’),” the US DOJ said.

The DOJ alleged that the PRC engaged in “computer intrusion activity” in an effort to mine information on “political, economic and security policies that might affect the PRC, along with military, scientific and technical information of value to the PRC”.

“In many instances, the MSS focused collection and subsequent related malign influence efforts on politicians that the PRC perceived as being critical of PRC government policies.”

Millions of Americans had their data confirmed or potentially compromised in these attacks, including personal emails, online storage, telephone call recordings and work accounts.

The UK also accused the group of targeting agencies that could influence political outcomes, attributing two major cyber attack campaigns to APT31, one being on the UK’s electoral commission and the other targeting parliamentarians. Millions were affected in these attacks.

The Chinese embassy in London quickly responded to the allegations, saying they lacked “valid evidence” and were “completely fabricated and malicious slanders”.

PRC Foreign Ministry Spokesperson Lin Jian also issued a statement calling Cybersecurity a global challenge and shared that China also suffered major cyber attacks, also suggesting that the accusations against it lack evidence.

"The origin-tracing of cyberattacks is highly complex and sensitive. When investigating and determining the nature of cyber cases, one needs to have adequate and objective evidence, instead of smearing other countries when facts do not exist, still less politicize cybersecurity issues," said Lin Jian.

"We hope relevant parties will stop spreading disinformation, take a responsible attitude and jointly safeguard peace and security in the cyberspace. China opposes illegal and unilateral sanctions and will firmly safeguard its lawful rights and interests."

While Australia was not affected directly by these campaigns, it has shown its two closest allies support in its decision to attribute the attacks to China.

Both Australia and New Zealand have now also accused the PRC of being behind the APT31 cyber campaign.

Home Affairs and Cyber Security Minister Clare O’Neil, alongside Australian Foreign Minister Penny Wong, issued a statement this morning (Tuesday, 26 March 2024), declaring that it was joining the UK and the US in calling out China’s alleged activity.

“The Australian government joins the United Kingdom and other international partners in expressing serious concerns about malicious cyber activities by China state-backed actors targeting UK democratic institutions and parliamentarians,” the joint statement read.

“The persistent targeting of democratic institutions and processes has implications for democratic and open societies like Australia. This behaviour is unacceptable and must stop.

“Australia calls on all states to act responsibly in cyber space.”

Brendan Dowling, Australian ambassador for cyber affairs and critical technology for the Department of Foreign Affairs and Trade, also shared support for the US and the UK.

“We stand with the UK today in calling out the unacceptable and irresponsible cyber targeting of UK democratic institutions and MPs by China state-backed actors,” he wrote on LinkedIn.

“Targeting of democratic institutions and processes has implications for democratic and open societies like Australia. It is unacceptable and must stop.

Wong iterated that the campaign did not affect the Australian electoral systems as they did in the UK and that the nation remains able to “resist and address threats” to our electoral roll.

“This is critical to maintaining public trust in our democracy.”

Following the announcement of Australia’s support, shadow home affairs and cyber security minister James Paterson said that like the US and the UK, Australia should impose sanctions on China.

“Now I’ve just seen … that the Foreign Minister has issued a statement of rhetorical support for that. But the question that Penny Wong needs to answer today is, will she use the powers under the Magnitsky legislation that the Parliament gave her, to also join our allies in sanctioning these individuals so there is real costs and real consequences for their behaviour?”

For context, the Magnitsky legislation refers to laws that allow the introduction of sanctions on nations who have committed human rights violations or corruptive activity.

“It is shockingly malign behaviour to attack members of Parliament and to attack electoral systems in democracies,” continued Paterson.

“That is not the act of a friend. And yet it appears that Chinese state-sponsored hackers have been doing that in the case of the UK and New Zealand.

“It wouldn’t shock me at all to learn that they had done the same here in Australia, although that has not been publicly announced today.”

cd intro podcast

Introducing Cyber Daily, the new name for Cyber Security Connect

Click here to learn all about it
cyber daily subscribe
Be the first to hear the latest developments in the cyber industry.