China was behind cyber attacks on the UK election watchdog, MPs and peers and has ‘hostile intent’, the deputy PM said today.
In a dramatic statement to the Commons, Oliver Dowden for the first time pointed the finger at Beijing over meddling in the political system.
He said state-linked groups had targeted the Electoral Commission’s records of 40million Brits, as well as the emails of prominent critics who had ‘called out’ activities.
Mr Dowden said there was a ‘clear pattern of activity’ from China, identifying the group known as APT31 as involved.
He said two individuals and an ‘entity’ linked to APT31 were being sanctioned, and the Chinese ambassador had been summoned for a dressing down.
But Mr Dowden insisted that none of the hacking attempts had been successful. He said that while the compromise of electoral register details was ‘concerning’ it was unlikely to have caused harm.
‘I can confirm today that Chinese state-affiliated actors were responsible for two malicious cyber campaigns targeting both our democratic institutions and parliamentarians,’ Mr Dowden said.
‘First, the compromise of the United Kingdom Electoral Commission between 2021 and 2022, which was announced last summer. And second, attempted reconnaissance activity against UK parliamentary accounts in a separate campaign in 2021.’
Mr Dowden said that international partners including the US would be issuing ‘similar statements’ later.
‘Taken together, the United Kingdom judges that these actions demonstrate a clear and persistent pattern of behaviour that signal hostile intent from China,’ he said.
‘That is why the United Kingdom has today sanctioned two individuals and one entity associated with the Chinese state affiliated APT31 group for involvement in malicious cyber activity.’
Earlier, Rishi Sunak warned that Britain must ‘defend ourselves’ against the ‘increasingly assertive’ behaviour by the Asian power.
In a dramatic statement to the Commons, Oliver Dowden for the first time pointed the finger at Beijing over meddling in the political system
Ministers are poised to blame China for cyberattacks on the elections watchdog and MPs (pictured, a meeting of the National People’s Congress earlier this month)
Rishi Sunak (pictured visiting Barrow today) pointed to the ‘increasingly assertive’ behaviour by Beijing branding the Asian power the ‘greatest state-based threat to our economic security’
Deputy PM Oliver Dowden (pictured right with Lord Cameron) is expected to take the dramatic step of accusing Beijing of being behind a hack that accessed the personal details of 40million Brits.
Critics have accused the government of acting too slowly and raised concerns that the response will not go far enough. The Chinese state has previously been linked to meddling in the NHS.
Labour MPs swiped that the announcement is just ‘party management’ on an issue that raises passions among Tory MPs.
China’s foreign ministry responded this morning by insisting countries should not ‘spread disinformation’ by making accusations without a ‘factual basis’.
Foreign Secretary Lord Cameron said the actions were ‘completely unacceptable’ and he had raised the issue with his Chinese counterpart Wang Yi.
The Electoral Commission attack was identified in October 2022 but the hackers had been able to access the commission’s systems containing the details of tens of millions of voters for more than a year by that point.
The registers held at the time of the cyber attack include the name and address of anyone in the UK who was registered to vote between 2014 and 2022, as well as the names of those registered as overseas voters.
The National Cyber Security Centre (NCSC), part of GCHQ, said it was likely that Chinese state-affiliated hackers stole emails and data from the electoral register.
This, in combination with other data sources, was highly likely to have been used by Beijing’s intelligence services for large-scale espionage and transnational repression of perceived dissidents and critics based in the UK.
There is no suggestion the hack had any impact on the largely paper-based UK electoral system.
The separate campaign against MPs and peers in 2021 was almost certainly carried out by APT31, officials said, with the majority of those targeted being prominent critics of the Chinese government.
Parliament’s security department identified and mitigated the cyber campaign before any accounts could be compromised, the NCSC said.
Mr Dowden said China’s ‘cumulative attempts to interfere with the United Kingdom’s democracy have not succeeded’, telling MPs: ‘Last summer, the Electoral Commission stated that it had been a victim of a complex cyber attack between 2021 and 2022.
‘This was the work of Chinese state-affiliated actors. These actors gained access to the Electoral Commission’s email and file-sharing systems, which contained copies of the electoral register.
‘As the Electoral Commission stated in 2023, when this attack was first made public, the compromise has not affected the security of elections. It will not impact how people register, vote or otherwise participate in democratic processes.
‘I want to reassure people that the compromise of this information whilst it is obviously concerning typically does not create a risk to those affected and I want to further reassure the House that the commission has worked with security specialists to investigate the incident and remove the threat from their systems. The commission has since taken further steps to increase the resilience of their systems
Former Tory leader Sir Iain Duncan Smith, a member of the Inter-parliamentary Alliance on China (Ipac), said critics of the Beijing government ‘have been subjected to harassment, impersonation and attempted hacking from China for some time’, but MPs would not be ‘bullied into silence by Beijing’.
He added: ‘We must now enter a new era of relations with China, dealing with the contemporary Chinese Communist Party as it really is, not as we would wish it to be.
‘Today’s announcement should mark a watershed moment where the UK takes a stand for values of human rights and the international rules-based system on which we all depend.’
Lord Cameron said: ‘It is completely unacceptable that China state-affiliated organisations and individuals have targeted our democratic institutions and political processes.
‘While these attempts to interfere with UK democracy have not been successful, we will remain vigilant and resilient to the threats we face.’
The UK acted with support from allies in the Five Eyes intelligence-sharing partnership, which also includes the US, Canada, and New Zealand, in identifying the Chinese-linked cyber campaigns.
Speaking at an engineering firm in Barrow earlier, Mr Sunak said: ‘We’ve been very clear that the situation now is that China is behaving in an increasingly assertive way abroad, authoritarian at home and it represents an epoch-defining challenge, and also the greatest state-based threat to our economic security.
‘So, it’s right that we take measures to protect ourselves, which is what we are doing.’
He would not be drawn on the hacking announcement, saying: ‘When it comes to cyber, we have the National Cyber Security Centre, which is world leading.
‘Indeed, when I’m out and about across the world, other leaders want to learn and talk to us because they believe that our capabilities in this country are very strong.’
Mr Dowden is set to link China to the attack on the Electoral Commission, which admitted last August that ‘hostile actors’ had got into its systems as far back as 2021.
A small group of politicians who are hawkish on China are said to have been called to a briefing by Parliament’s director of security, Alison Giles, in relation to the activity.
They include former Tory leader Sir Iain Duncan Smith, former minister Tim Loughton, crossbench peer Lord Alton and SNP MP Stewart McDonald.
The four are members of the Inter-Parliamentary Alliance on China (IPAC) pressure group, which focuses on issues involving the increasingly assertive Asian power.
Speaking on BBC Radio 4’s Westminster Hour last night, Mr Loughton said the challenge from China had not been taken ‘seriously’ up to now.
‘China is a strategic threat,’ he said. ‘I think it is the most dangerous nation on the planet across a whole range of issues, security but also climate change.
‘But the trouble with the Chinese Communist Party government is that you have to call them out, you have to stand up to them and there have to be consequences.
‘That is the only language that the Chinese government actually understand and if you just say all this is not very good could you do better please then they laugh in your face.’
Luke de Pulford, executive director of IPAC, told the BBC’s Today programme that the government had taken two years to ‘call out’ the behaviour of China.
He said it was ‘ludicrous’ there is still a debate on whether China should be treated as posing an ‘enhanced’ risk of meddling.
But China’s Foreign Ministry said Beijing is a ‘main target’ of hacking, suggesting that the UK needed to cooperate more.
According to a translation, spokesman Lin Jian said: ‘We combat all sorts of malicious actions online, and we advocate all countries to deal with this together through dialogues and cooperation.
‘Tracking of origins of cyber attacks is highly sensitive and complicated. It must be fully backed with objective evidence, and one should not pin the blame on certain countries without any factual basis.’
He added that countries needed to ‘stop spreading disinformation and take a responsible attitude’.
Tory MP Tim Loughton (pictured) said the challenge from China had not been taken ‘seriously’ up to now
Lord Cameron is set to address Tory MPs at a special meeting of the 1922 Committee this evening.
Nuclear minister Andrew Bowie said he could not comment on the speculation about China but told LBC radio this morning: ‘The fact is that this Government has invested a lot of time, money and effort in ensuring that our cybersecurity capabilities are at the place they need to be, we’ve increased the powers of our intelligence and security community to be able to deal with these threats.
‘And we will stop at nothing to ensure that the British people, our democracy, our freedom of speech and our way of life is defended.’
He insisted the Government took a pragmatic approach to dealing with Beijing, amid reports that China’s EVE Energy is set to invest in a battery plant in the West Midlands.
‘We have to have a grown-up, pragmatic relationship with China. And that means looking at each of these investments in the round, on a case-by-case basis, ensuring that our security and our individual liberties and freedoms are not undermined by any of the investments that are that are underway.’
Meanwhile, reforms of UK spying laws are continue to make their way through Parliament, with the Investigatory Powers (Amendment) Bill also in the Commons on Monday.
The legislation includes measures to make it easier for agencies to examine and retain bulk datasets, such as publicly available online telephone records.