The United States and Britain on Monday have sanctioned two individuals and one Wuhan-based company that allegedly targeted critical infrastructure sectors in the US as part of an expansive hacking effort.
The US Department of the Treasury’s Office of Foreign Assets Control (OFAC) sanctioned Wuhan Xiaoruizhi Science and Technology Company, Limited (Wuhan XRZ), which it said was a Chinese Ministry of State Security (MSS) front company that has served as cover for multiple malicious cyber operations.
The Treasury Department levied sanctions against two Chinese nationals Zhao Guangzong and Ni Gaobin, as well as the Wuhan Xiaoruizhi Science and Technology Company, which the agency accused of acting as a front for China’s top spy agency.
The US and the UK have sanctioned PRC state-sponsored hackers who have endangered US national security through malicious cyber operations targeting US critical infrastructure. Treasury is focused on leveraging our tools to protect against these threats. https://t.co/Ej7kNDgAfl
— Treasury Department (@USTreasury) March 25, 2024
“OFAC is also designating Zhao Guangzong and Ni Gaobin, two Chinese nationals affiliated with Wuhan XRZ, for their roles in malicious cyber operations targeting U.S. entities that operate within U.S. critical infrastructure sectors, directly endangering US national security,” it said in a statement.
Brian Nelson, the under secretary of the Treasury for terrorism and financial intelligence, said in a statement that, “The United States is focused on both disrupting the dangerous and irresponsible actions of malicious cyber actors, as well as protecting our citizens and our critical infrastructure.”
Additionally, the US Justice Department said that seven Chinese citizens have been indicted for their involvement in a China-based hacking group known as APT31 that spent approximately 14 years targeting US and foreign critics, businesses, and political officials for sensitive information.
The action is part of a collaborative effort with the US Department of Justice, Federal Bureau of Investigation (FBI), Department of State, and the United Kingdom Foreign, Commonwealth & Development Office (FCDO).”
Furthermore, the US Department of State announced a rewards for justice offer for information on these individuals, their organization, or any associated individuals or entities; and the UK Foreign, Commonwealth, and Development Office implemented matching sanctions.
It is notable here that US government institutions have repeatedly been targeted by Chinese hackers, with the US administration often directly blaming the Chinese government for the cyber attacks. In September 2023, it was reported that hackers associated with the Chinese government gained access to about 60,000 emails from the unclassified inboxes of State Department workers. In July 2021, US had charged 4 Chinese nationals were indicted by a US grand jury for their involvement in an alleged China-backed global espionage campaign, targeting dozens of companies, universities, government agencies in the US and at least 11 other countries, between July 2009 to September 2018.
UK government announces sanctions, travel bans and asset freeze against Chinese individuals and organisations
Meanwhile, the UK government said that it has identified that Chinese state-affiliated organisations and individuals were responsible for two malicious cyber campaigns targeting democratic institutions and parliamentarians.
In a statement, it said, “The United Kingdom, supported by allies globally, have today identified that Chinese state-affiliated organisations and individuals were responsible for two malicious cyber campaigns targeting democratic institutions and parliamentarians. Partners across the Indo-Pacific and Europe also express solidarity with the UK’s efforts to call out malicious cyber activities targeting democratic institutions and electoral processes.”
The UK government said that the National Cyber Security Centre (NCSC) – a part of Government Communications Headquarters- assesses that the UK Electoral Commission systems were highly likely compromised by a Chinese state-affiliated entity between 2021 and 2022.
However, it said the attacks did not have any impact on the democratic process or elections.
UK Foreign Secretary David Cameron said that it “is completely unacceptable that China state-affiliated organisations and individuals have targeted our democratic institutions and political processes. While these attempts to interfere with UK democracy have not been successful, we will remain vigilant and resilient to the threats we face.”
Cameron called it completely “unacceptable” that state-affiliated organisations and individuals from China have targeted democratic institutions and political processes. Cameron stated that he raised the issue directly with Chinese Foreign Minister Wang Yi.
“I raised this directly with Chinese Foreign Minister Wang Yi and we have today sanctioned 2 individuals and one entity involved with the China state-affiliated group responsible for targeting our parliamentarians,” he added.
We've taken action on China 👇 pic.twitter.com/jYtux0YFT8
— David Cameron (@David_Cameron) March 25, 2024
“Attacks on our democracy are unacceptable. Yet that is what organisations backed by China have done. Today, we are publically calling them out, and we have taken action. We have summoned the Chinese ambassador and we are putting sanctions, travel bans, asset freezes on individuals and the group responsible. Such actions from China will not be tolerated. We will always defend ourselves from those that threaten our values and our democracy”, Cameron stated in a video.
The British Foreign, Commonwealth and Development Office has today summoned the Chinese Ambassador to the UK.
In the statement, UK government stated, “Zhao Guangzong, who is a member of APT31, operating on behalf of the Chinese Ministry of State Security (MSS), and has engaged in cyber activities targeting officials, government entities, and parliamentarians in the UK and internationally. Ni Gaobin who is a member of APT31, operating on behalf of the Chinese Ministry of State Security (MSS), and has engaged in cyber activities targeting officials, government entities, and parliamentarians in the UK and internationally.”
UK Home Secretary James Cleverly stated it is reprehensible that China sought to target Britain’s democratic institutions. He further said, “China’s attempts at espionage did not give them the results they wanted and our new National Security Act has made the UK an even harder target. Our upcoming elections, at local and national level, are robust and secure.”
(With inputs from ANI)