UK blames China for large breach of voter information

The U.Okay. authorities has blamed China for a 2021 cyberattack that compromised the non-public data of thousands and thousands of U.Okay. voters.

In an announcement to lawmakers in Parliament on Monday, U.Okay. deputy prime minister Oliver Dowden attributed the 2021 information breach on the Electoral Fee to hackers working for the Chinese language authorities.

Dowden informed lawmakers that the U.Okay. authorities “will not hesitate to take swift and robust actions wherever the Chinese government threatens the United Kingdom’s interests.”

It’s the primary time the UK has attributed the breach because the cyberattack was first disclosed in 2023.

The Electoral Fee, which maintains copies of the U.Okay. register of residents eligible to vote, stated on the time hackers took the names and addresses of an estimated 40 million U.Okay. residents, together with those that had been registered to vote between 2014 and 2022 and abroad voters. The info breach started as early as 2021 however wasn’t detected till a yr later.

In an announcement Monday, the U.Okay. Nationwide Cyber Safety Centre (NCSC) stated it’s “highly likely” that the Chinese language hackers accessed and exfiltrated emails and information from the electoral register in the course of the hack.

The NCSC stated Chinese language intelligence may use the information for “large-scale espionage and transnational repression of perceived dissidents and critics in the U.K.”

When reached by TechCrunch, a spokesperson for the NCSC declined to attribute the Electoral Fee’s information breach to any particular China-backed risk actor.

Dowden stated {that a} separate tried cyberattack by a China-backed hacking group focused the e-mail accounts of U.Okay. lawmakers in 2021, however that parliamentary authorities mitigated the tried breaches earlier than any e-mail accounts had been compromised.

The NCSC attributed these tried e-mail hacks to a gaggle of Chinese language hackers dubbed APT31, which is thought for concentrating on the net accounts of overseas authorities officers. Safety researchers say APT31 makes use of malware able to creating backdoors into techniques and exfiltrating delicate data. The Norwegian authorities beforehand attributed a 2018 data breach on its techniques to APT31.

The U.Okay. didn’t say which lawmakers’ e-mail accounts had been focused, however the NCSC stated many of the affected lawmakers have been “prominent in calling out the malign activity of China.”

Liu Pengyu, a spokesperson for the Chinese language Embassy within the U.Okay., denied the allegations, and stated that China “does not encourage, support or condone attacks launched by hackers,” however added that China will “resort to lawful methods” to counter cyberattacks.

“The malicious activities we have exposed today are indicative of a wider pattern of unacceptable behaviour we are seeing from China state-affiliated actors against the UK and around the world,” stated Paul Chichester, director of operations at NCSC. “The targeting of our democratic system is unacceptable and the NCSC will continue to call out cyber actors who pose a threat to the institutions and values that underpin our society.”

The Biden administration, additionally Monday, accused several Chinese hackers of involvement with APT31’s efforts to focus on U.S.-based firms. In 2020, Google safety researchers linked APT31 to the targeting of email accounts belonging to the Trump and Biden presidential campaigns.

Final month, a set of leaked paperwork from Chinese language authorities contractor I-Quickly revealed how the private contractor targets and hacks other governments on the request of Chinese language authorities.