Experts argue that UK sanctions will have no impact as hacking is ingrained in dealings with Beijing.
The UK government’s announcement of sanctions against two individuals and one entity, accused of attempting cyber-attacks on UK parliamentarians in 2021 without success, evokes the notion of the “tip of the iceberg.” However, this metaphor falls short in capturing the full extent of the issue.
Home Secretary James Cleverly stated that these sanctions demonstrate that targeting elected representatives and electoral processes will not be tolerated.
Nevertheless, some experts perceive this move as a consequence of pressure from Washington following the indictment of seven individuals linked to APT31, a hacking group accused of conducting a widespread global hacking campaign. This operation included sending over 10,000 malicious emails to politicians, officials, journalists, and critics of China across multiple continents.
According to Alan Woodward, a cybersecurity professor at the University of Surrey, the sanctions will have little impact on the UK’s cybersecurity, likening them to merely sending a strongly worded letter. He suggests that the UK government feels compelled to act in response to American actions but is hesitant to upset China.
Simultaneously, the government disclosed past hacking attempts on the same day it attributed a breach of the Electoral Commission’s systems to a “Chinese state-affiliated entity” between 2021 and 2022. The Chinese embassy in London dismissed the UK’s claims as baseless and slanderous. However, the sanctioned entities were not implicated in this breach. Jamie MacColl, a cybersecurity research fellow at the Royal United Services Institute, remarks that the government has mixed two distinct issues in a manner that may confuse the public.
A recent data leak from the Chinese cybersecurity firm iSoon has exposed the competitive landscape among China’s freelance hackers vying for government contracts. These hackers sometimes acquire data from foreign agencies speculatively, hoping to sell it to the highest bidder. The US Department of Justice alleges that APT31, in particular, was directly supervised by a provincial department of China’s ministry of state security.
According to Mei Danowski, a China cybersecurity expert and author of the Natto Thoughts newsletter, nearly every cybersecurity firm in China likely has some form of contract with government clients. With the cybersecurity industry valued at around $13 billion, this presents a significant pool of potential hackers.
This situation leaves western governments struggling to coordinate an effective response to hacking incidents. The Chinese government often maintains plausible deniability regarding responsibility, and the impact of data breaches is not always clear. Audrye Wong, an assistant professor at the University of Southern California, observes that while Russian-based hacks typically aim to create discord and chaos, China exercises more caution and remains concerned about shaping perceptions of China and the Chinese Communist Party. Many western international security experts compare Russia’s disruptive actions to a storm, while likening China’s approach to climate change.
Danowski notes that despite the US indictment of hackers associated with Chengdu 404 in 2020, the company’s operations in China have continued as usual, indicating that the “name and shame” strategy employed by the US and UK may have little practical effect.
While China denies any interest or necessity to interfere in the UK’s internal affairs, some cybersecurity experts highlight that gathering intelligence on foreign states is a fundamental aspect of every country’s espionage activities – in other words, spying is a universal practice.
