China’s cyber war on the West is escalating

MI5 Director General Ken McCallum
Ken McCallum, MI5's director general, said in 2022 operations run against China increased sevenfold in four years

Either China is getting more aggressive. Or Britain is looking harder for the rocks and what’s under them. Or both.

Figures revealing the scale of China’s covert attacks on the West are sparse.

However, in a rare outing in July 2022, Ken McCallum, MI5’s director general, disclosed that the number of operations being run by his intelligence agency against China had increased sevenfold in just four years.

In the same period, MI5 doubled the size of its China mission to combat the threat.

In the US, FBI director Christopher Wray issued only last month the starkest of warnings that China had already infiltrated critical infrastructure – such as energy, water and communications sectors – and was waiting “for just the right moment to deal a devastating blow”.

The latest hack in the UK to be blamed on Beijing – of the Ministry of Defence’s payroll, including sensitive details on military personnel – is deeply embarrassing for the Government and shows nowhere is safe from Chinese cyber hacking.

The hack is a triumph for Beijing but it is also not surprising.

The security services recognise the threat posed to the UK by China, which has long been acknowledged as posing the greatest risk to the West’s long-term security.

China is accused of investing heavily in teams of cyber hackers, hellbent on harvesting vast amounts of personal information and stealing intellectual property that gives the regime a competitive advantage.

China’s ministry of state security (MSS) has developed sophisticated cyber hacking operations that rival Western intelligence agencies.

And while in the past, it has targeted what some have described as the “soft underbelly” of technology firms, in the past couple of years it seems to have become emboldened, attacking the British state as well.

These are not Russian agents blundering about Salisbury with the nerve agent Novichok tucked inside a bag, but armies of hackers probing for weaknesses in British cyber defences.

‘Bigger offices than MI5’

The MSS headquarters is based in Beijing with security bureaus of varying sizes in cities and provinces across the country.

It is understood that MSS offices in the more significant locations such as Shanghai and Guangdong “are each bigger than MI5”.

The National Cyber Security Centre (NCSC), a branch of MI5, has identified a number of hacking gangs operating out of China.

In March, it said it had traced unsuccessful attempts to hack MPs’ email accounts to a group called APT 31.

The group has been active for 13 years; China is playing the long game.

In a further example of officials blowing the lid off Chinese espionage, in March Britain publicly blamed Xi Jinping’s regime for targeting the Electoral Commission watchdog and for being behind a campaign of online “reconnaissance” aimed at the email accounts of MPs and peers.

APT 31 has also been accused of interfering in the 2020 US elections and was linked to a widespread attack on Microsoft systems in 2021 that granted it access to thousands of email servers. APT 31 is also known more colourfully as Violet Typhoon, Judgement Panda, Bronze Vinewood and Zirconium.

APT stands for “advanced persistent threat” and is a naming convention used by Western cyber intelligence agencies to identify hacking groups linked to foreign adversaries.

There are more than two dozen identified Chinese APT groups.

APT 31 widely used email phishing techniques, in which victims are encouraged to click on malicious links that steal details.

In January, the FBI said a Chinese group that it called Volt Typhoon had infected hundreds of old routers with Chinese malware to gain a foothold into critical infrastructure, including a military outpost in the pacific ocean.

Analysis by Lumen, a cyber security firm, found that the hostile Chinese “botnet” had been active on routers in the US for almost two years, and would not be detectable by a user because it does not prevent them from working.

Mr Xi has described science and technology as the main battlefield of the economy.

Cyber hacking is just one of its weapons. It also deploys spies on the ground.

The Chinese regime also runs long-term espionage operations, making connections in the UK which can be used to gain influence in years to come.

Christine Lee, a lawyer, was accused by MI5 in January 2022 of being a Chinese spy.

The domestic intelligence service took the unprecedented step of issuing an alert to Parliament warning MPs to steer clear of her, accusing Ms Lee of being “knowingly engaged in political interference”.

Ms Lee denies the allegations – she has never been charged with any criminal offence – and is suing MI5, demanding to know the basis for the allegations.

For now, the West and China are effectively at war.

It’s not a war you can see and there are no civilian casualties.

The attack on the MoD’s payroll is just the latest skirmish.

In the long run, if China wins, then it will become the world’s pre-eminent superpower. The stakes are that high.