U.S., U.K. accuse China of state-backed cyberattacks, voter data theft

Chinese government hackers targeted U.S. officials, journalists, corporations, and pro-democracy activists in a state-backed operation.

Hackers linked to the Chinese government launched a sweeping, state-backed operation that targeted U.S. officials, journalists, corporations, pro-democracy activists and the U.K.'s election watchdog, American and British authorities said on March 25 in announcing a set of criminal charges and sanctions.

The intention of the campaign, which officials say began in 2010, was to harass critics of the Chinese government, steal trade secrets of American corporations and to spy on and track high-level political figures. Western officials disclosed the operation, carried out by a hacking group known as APT31, while sounding a fresh, election-year alarm about a country long seen as having advanced espionage capabilities.

The U.S. Justice Department charged seven hackers, all believed to be living in China. The British government, in a related announcement, imposed sanctions on a front company and two of the defendants in connection with a breach that may have given the Chinese access to information on tens of millions of U.K. voters held by the Electoral Commission.

Also Read | U.S. says it disrupted a China cyber threat, but warns hackers could still wreak havoc for Americans

“The Justice Department will not tolerate efforts by the Chinese government to intimidate Americans who serve the public, silence the dissidents who are protected by American laws, or steal from American businesses,” Attorney General Merrick Garland said in a statement, adding that the “case serves as a reminder of the ends to which the Chinese government is willing to go to target and intimidate its critics.”

As part of the cyber-intrusion campaign, prosecutors said, the hackers sent more than 10,000 emails to targets all over the world that purported to be from prominent journalists but that actually contained malicious code. Once opened, the emails installed tracking software that allowed the hackers to know the victims’ location, IP addresses and even the devices they used to get email.

The hackers further leveraged that tracking to target home routers and other devices, “including those of high-ranking U.S. government officials and politicians and election campaign staff from both major U.S. political parties,” the indictment says.