U.S., U.K. Sanction Chinese Hacking Group for Alleged Espionage | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #hacker

Welcome to Foreign Policy’s China Brief.

The highlights this week: The United States and United Kingdom censure China over an alleged state-backed cyberespionage campaign, Chinese Foreign Minister Wang Yi visits Australia seeking to repair bilateral ties, and Beijing goes on a charm offensive seeking foreign investment.

U.S., U.K. Censure China Over Hacking

The United States and United Kingdom announced new sanctions and criminal charges against a hacking group linked to the Chinese government known as APT31 on Monday. The yearslong campaign targeted political information in both countries. New Zealand, a fellow Five Eyes intelligence ally, said it was hit by APT40, another state-affiliated hacking cell.

The impact of the hacking was particularly serious in the United Kingdom, where one 2021 attack appears to have compromised data from the U.K. Electoral Commission, which stores personal information on 40 million voters. Prominent Conservative politicians have condemned China’s actions, and the U.K. government summoned the Chinese ambassador in London.

As with other cases of Chinese hacking and potential espionage in democracies, in the United Kingdom, politicians are now concerned about electoral interference. Although that is a fair assumption when Chinese hackers go after the electoral commission, it seems like an unlikely prospect. To start, in most developed democracies, there isn’t one party that clearly favors Beijing’s interests—with the odd exception.

Both the Labour Party and the Tories have taken stronger positions on China since 2020 in the wake of COVID-19 and crackdowns in Hong Kong. Any interference would likely favor specific pro-China figures, as has been alleged in Australia, and there aren’t many of those in the United Kingdom. Even David Cameron, who as prime minister heralded a “golden era” of U.K.-China relations and now serves as foreign secretary, has taken a tough line on Beijing.

Furthermore, Chinese interference abroad might not even be that effective: Covert online action focuses more on metrics, such as the number of posts on social media, that can be reported to bosses back in China than on real impact. When Beijing uses more heavy-handed methods, such as threatening smaller states, it often backfires.

The U.K. Electoral Commission data includes a significant level of personal detail. It seems likely that China targeted the information according to its usual foreign intelligence priorities: monitoring and threatening the Chinese diaspora, especially minorities such as Tibetans and Uyghurs; counterintelligence; corporate espionage; and harassing politicians and researchers it perceives to be anti-China. British member of Parliament Iain Duncan Smith said Monday he was impersonated online by a pro-China “wolf warrior” who sent emails in his name.

China-U.K. relations were already shaky, and the hacking claims are likely to do damage for the moment. The U.K. government has not only taken issue with the alleged espionage, but also with China’s typically aggressive response to the accusations. China would be better off staying silent: After all, countries spy, even on their own allies. But certain targets are more sensitive than others, and there seems to be a lack of recognition among Chinese officials that democracies are defensive of their own elections.

All of this sits uncomfortably with China’s recent attempts to woo foreign business back to the country and its clumsy charm offensives aimed at foreign politicians. The joint sanctions will bring London closer in line with Washington’s general anti-China mood.

To be sure, relations tend to reset over time, in part due to inertia. But Chinese hacking campaigns are unlikely to stop, and they have an inertia of their own. China has built up a huge cyber-intelligence operation, both through the People’s Liberation Army (PLA) and private contractors. Its decisions are to some degree determined by its scale, and often it targets data because it can get it, rather than because of an overarching plan.

Furthermore, Chinese official life is quota-driven and nationalistic, including for state-backed hackers. That also makes it difficult for China to stop its mass data collection; doing so would require dismantling the operation and leaving Beijing vulnerable to U.S. hacking efforts. (This is one reason why the Obama-era cyber treaty was always doomed.)

Don’t expect China to rein in the hacking, or to be more circumspect about it. Sanctions on individual officers and PLA units are effectively symbolic: It would take tougher action for Beijing to even start rethinking its campaign.

What We’re Following

Wang in Australia. Chinese Foreign Minister Wang Yi visited Australia last week in an attempt to repair damaged bilateral ties, meeting with Australian Foreign Minister Penny Wong. The visit came at a bad time for China’s public relations in the country, with the harsh sentence against Chinese Australian dissident Yang Hengjun fresh in the public’s memory.

Around the time of Wang’s trip, another story broke: new video showing Chinese police deporting suspects accused of cyberscams from Fiji, where China has no extradition treaty. The Pacific islands are the main arena for competition between Beijing and Canberra. Despite the Australian government’s recent attempts to compromise, China is still active in the politics of many of the island countries, although its economic slowdown has curtailed its financial efforts.

There was one characteristic element of Wang’s visit: the praise heaped on 80-year-old former Australian Prime Minister Paul Keating, an outspoken advocate of closer relations between China and Australia. Chinese diplomats often grant significant attention to retired foreign politicians, assuming they have the same influence as party elders within the Chinese Communist Party (CCP) system—and the retirees are often keen to play up that image.

Unstable neighbor. The military regime in Myanmar, an uneasy ally of China’s, is looking increasingly precarious as rebel fighters sweep through key border provinces. A military conscription campaign has sparked widespread resistance and could lead to units being more likely to defect to the pro-democracy rebels than fight for the junta that took power in a 2021 coup.

China could switch its allegiance if a victor in Myanmar’s civil war emerges, as I wrote in this newsletter in January. The PLA already maintains connections with the ethnic militias along the border who make up the backbone of the rebel alliance taking control of territory there, although Beijing’s power to influence events is thin.

Tech and Business

Seeking investment. China’s political leadership is going on a full-blown charm offensive aimed at Western business leaders as foreign investment increasingly leaves the country. It’s a tough sell after years of restrictions and growing xenophobia in China, but Beijing has argued that it will now grant foreign firms equal treatment with domestic ones. Even on its face, that is not an attractive prospect.

As CCP authorities have often emphasized, domestic firms must subordinate their interests to the party. Foreign firms should be promised safety from Chinese politics, not equality—but that is a political impossibility, especially as China strives to reduce its reliance on foreign supply chains. Meanwhile, foreign direct investment in China in the first two months of the year fell by nearly 20 percent compared with the same time last year.

Three-body problem. The Netflix adaptation of The Three-Body Problem, the first novel in a hit science-fiction trilogy by Liu Cixin, should be a soft-power win for China. The books are some of the country’s only successful cultural exports in recent years, in part because the excellent translations improve on the lackluster original. (I dislike the books: In my opinion, they exemplify a cynical ethno-nationalism and misogyny disguised as realism.)

The series has been a hit in the United States. But rather than being embraced, the TV series has been widely condemned on the Chinese internet. The series already has a Chinese TV adaptation, but the Netflix version transfers the action of much of the plot outside of China. Chinese nationalists objected to the casting of some roles with Black actors and claimed that the scenes set during the Cultural Revolution—adapted directly from the book—made China look bad.

FP’s Most Read This Week

A Bit of Culture

Much has been made of the friendship between poets Li Bai (701-762) and Du Fu (712-770), most recently in the 2023 animated film Chang’an. Poems such as the first one below, written to an already-famous poet by a starstruck younger man who would die unappreciated in his own century, seem to testify to that friendship.

However, poems were the basic coin of social engagement at the time, and Du Fu kept everything. The Complete Tang Poems contains more than 1,400 poems attributed to him, on topics ranging from the An Lushan rebellion to a gift of 30 bunches of chives.

Their exchanges seem to have been mostly one-sided. A dozen or so of Du Fu’s poems to and about Li Bai survive, while there are only two known poems to Du Fu from Li Bai. But even if the evidence points to their friendship as mostly imagined into being, poetic exchanges like the one below can’t help but make the reader want to believe.—Brendan O’Kane, translator

Du Fu: To Li Bai

Autumn’s come
Look at you:
Still a tumbleweed adrift.

Still no key
To immortality.
You’re no kind of alchemist.

Rip-roaring drunk,
Bellowing songs,
Empty day emptying into empty day.

Your flourishes,
Your posturing,
Whose hero are you playing?

Li Bai: To Du Fu—From Shandong

And how have I been spending my time?
I’ve been here in Shaqiu: splendid isolation.
There are old trees by the city walls,
And autumn whispers in them day and night.

Shandong wine can’t get me drunk.
The local poets leave me cold.
My thoughts of you are like the River Wen,
Surging and churning, ever south.


Click Here For The Original Story From This Source.


National Cyber Security