Cyber attack row: Chinese diplomat hauled in for dressing-down at Foreign Office

A top Chinese diplomat was hauled in to the Foreign Office on Tuesday after the UK Government called out a cyber attack on the Electoral Commission and parliamentarians.

China’s chargé d'affaires in London was summoned for a formal dressing-down a day after Britain announced limited sanctions against two Chinese individuals and a company over the past hacking. It is understood that Ambassador Zheng Zeguang is out of the UK.

The Foreign Office “set out the Government’s unequivocal condemnation of Chinese state-affiliated organisations and individuals undertaking malicious cyber activity against UK democratic institutions and parliamentarians”, a spokesperson said.

“The UK Government would not tolerate such threatening activity, and would continue to take strong action with partners across the globe to respond,” it added.

The Prime Minister’s official spokesman dismissed criticism from several MPs that the Government was kowtowing to Beijing for not going further in its sanctions.

“We always take action in the national interest wherever necessary to defend our critical national infrastructure, address foreign interference and bolster our capabilities,” he said.

Asked about reports that the Government could force Chinese state-owned companies to register for closer scrutiny in the UK on a scheme for foreign agents, the spokesman said: “The scheme is in the process of being finalized and no countries have been specified yet.

“As the Deputy Prime Minister (Oliver Dowden) said yesterday, there is a case for adding China but there is a process to go through and it wouldn't be appropriate to speculate about which countries might be specified in the future.”

The spokesman also played down suggestions the Government could imminently label China a “threat” to national security rather than an “epoch-defining challenge”.

“There isn’t a mechanism under UK law or indeed in our G7 or Five Eyes countries that has a designation process like that,” he said.

But speaking on Times Radio, Education Secretary Gillian Keegan described China as “obviously a security threat”.

The action announced on Monday was a “first step”, she added on GB News.

“It’s a complex issue clearly. Clearly starting some sort of trade issues is what we want to avoid as well.

“It’s complex but we do need to be firm as well and we have been working with our allies both to understand the threats that we face.

“You have got national security but you have also got a large trading partner..... we do get a lot of our imports from China.

“We do take measured responses. We will always be vigilant...national security is the most important thing.”

The UK and the United States accused China of a global campaign of “malicious” cyber attacks in an unprecedented joint operation to reveal Beijing’s espionage.

Britain publicly blamed China for targeting the Electoral Commission watchdog and for being behind a campaign of online “reconnaissance” aimed at the email accounts of MPs and peers.

Chinese spies are likely to use the stolen details to target dissidents and critics of Xi Jinping’s government in the UK, British intelligence services believe.

US officials said the APT31 hacking group spent more than a decade targeting the sensitive data of politicians, journalists, academics, dissidents and American companies.

The “prolific global hacking operation”, backed by the Chinese government, sought to “repress critics of the Chinese regime, compromise government institutions, and steal trade secrets,” US deputy attorney general Lisa Monaco said.

The hackers sent more than 10,000 “malicious” emails to the targets to gain access to personal information, US prosecutors said, adding the criminals threatened to “undermine democracies and threaten our national security”.

The US charged seven of the alleged Chinese hackers on Monday.

The UK said Beijing-linked hackers were behind the attack on the Electoral Commission which exposed the personal data of 40 million voters, as well as 43 individuals including MPs and peers.

A front company, Wuhan Xiaoruizhi Science and Technology Company, and two individuals, Zhao Guangzong and Ni Gaobin, linked to the APT31 hacking group were sanctioned in response to the hacks.

However, some of the MPs targeted by Beijing said the response did not go far enough.

They urged the Government to toughen its stance on China by labelling it a “threat” to national security rather than an “epoch-defining challenge”, and to put China in the “enhanced” tier under the Foreign Influence Registration Scheme.

Conservative former minister Tim Loughton told Sky News: “We’re going to sanction two people, two pretty lowly officials, and one private company, which employs 50 people. That is just not good enough.”

Mr Dowden, who announced the measures in a Commons statement, appeared to suggest China could soon be declared a “threat”.

He told MPs that “we are currently in the process of collective Government agreement” over the matter, and that “clearly the conduct I have described today will have a very strong bearing on the decision that we make”.

Cabinet tensions have reportedly surfaced over the issue, with some ministers pushing for tougher action on Beijing while others are resistant over concerns it could harm economic and trade relations.

Foreign Secretary Lord Cameron said the actions were “completely unacceptable” and he had raised the issue with his Chinese counterpart Wang Yi.

The Chinese ambassador has also been summoned to the Foreign Office to account for his country’s actions.

The Electoral Commission attack was identified in October 2022 but the hackers had been able to access the commission’s systems containing the details of tens of millions of voters for more than a year by that point.

The registers held at the time of the cyber attack include the name and address of anyone in the UK who was registered to vote between 2014 and 2022, as well as the names of those registered as overseas voters.

The National Cyber Security Centre (NCSC), part of GCHQ, said it was likely that Chinese state-affiliated hackers stole emails and data from the electoral register.

This, in combination with other data sources, was highly likely to have been used by Beijing’s intelligence services for large-scale espionage and transnational repression of perceived dissidents and critics based in the UK.

There is no suggestion the hack had any impact on the largely paper-based UK electoral system.

Mr Dowden insisted the local elections in May and the general election later this year would be safe from Chinese cyber attacks.

He told the PA news agency: “Yes, I can guarantee that our electoral processes will be safe and secure.”

The UK acted with support from allies in the Five Eyes intelligence-sharing partnership, which also includes the US, Canada, Australia and New Zealand, in identifying the Chinese-linked cyber campaigns.

On Tuesday, New Zealand alleged hackers linked to the Chinese government launched a state-sponsored operation that targeted the country’s parliament in 2021.

Minister responsible for the Government Communications Security Bureau (GCSB), Judith Collins, said in a statement: “The GCSB’s National Cyber Security Centre (NCSC) completed a robust technical assessment following a compromise of the Parliamentary Counsel Office and the Parliamentary Service in 2021, and has attributed this activity to a PRC (China) state-sponsored group known as APT40.

“Fortunately, in this instance, the NCSC worked with the impacted organisations to contain the activity and remove the actor shortly after they were able to access the network.”

She added New Zealand will not follow the UK and US in sanctioning China as the country does not have a law allowing such penalties.

The Chinese government strongly denied that it had carried out, supported or encouraged cyber attacks on the UK, describing the claims as “completely fabricated and malicious slanders”.

A spokesperson for China’s embassy in London said: “China has always firmly fought all forms of cyber attacks according to law.

“China does not encourage, support or condone cyber attacks.

“At the same time, we oppose the politicisation of cyber security issues and the baseless denigration of other countries without factual evidence.

“We urge the relevant parties to stop spreading false information and stop their self-staged, anti-China political farce.”