Priya PatelTLDR:
The US and UK have accused China of cyberattacks, specifically targeting politicians, journalists, and businesses. The NCSC has released cybersecurity guidance to help political organizations reduce cyberattacks.
Article Summary:
The US and the UK have officially accused China of orchestrating ‘malicious’ cyberattacks targeting politicians, journalists, and businesses. The cyber operation, known as Advanced Persistent Threat 31 (APT31), utilized sophisticated phishing tactics to compromise email systems and global networks, specifically targeting White House staffers, US senators, British parliamentarians, and government officials critical of Beijing. The NCSC has released updated guidance to help political organizations defend against cyberattacks. Additionally, the UK has sanctioned two Chinese nationals and a technology company associated with APT31, freezing their assets and imposing a travel ban. This move has been hailed as a significant shift in the rhetoric against China by the UK. In response, the Chinese embassy in the UK has dismissed the allegations as baseless slander.
The UK sanctions come in light of evidence implicating those sanctioned in a hack that potentially accessed data on millions of UK voters held by the Electoral Commission. While no disruptions to electoral processes were reported, the attackers gained unauthorized access to sensitive information. Furthermore, Chinese Government-affiliated hackers conducted reconnaissance on British parliamentarians critical of Beijing, with failed hacking attempts and impersonations reported, prompting calls for increased sanctions and cybersecurity measures against China.
In the US, the Department of Justice has charged several hackers, including two Chinese nationals, with conspiracy to commit computer intrusions and wire fraud as part of a 14-year cyber operation targeting US and foreign critics, businesses, and political officials. The Department of Justice highlighted the need to remain vigilant against cybersecurity threats and foreign influence efforts, especially as the 2024 election cycle approaches.
Amidst calls for robust data protection measures, industry experts emphasize the need for enhanced cybersecurity frameworks to safeguard against cyber threats and foreign malign influence. The NCSC’s new guidance offers recommendations for political organizations, parties, and think tanks to reduce the risk of cyberattacks and enhance digital resilience. It emphasizes the importance of implementing security measures like multi-factor authentication and protecting electoral management systems.
