Wednesday, December 18, 2024

UK Fears Chinese Hackers Compromised Critical Infrastructure

Must read

Chinese state actors have made widespread — and likely successful — efforts to access British critical infrastructure networks, according to UK officials, underscoring fears of vulnerabilities to increasingly sophisticated cyberattacks by foreign powers.

Senior ministers in the Labour government have been informed since taking power in July that hackers linked to Beijing have probably compromised supply chains and computer systems key to a range of vital services, people with direct knowledge of the matter told Bloomberg. Such Chinese activity is systemic and goes beyond the alleged attacks on Parliament and the Defense Ministry made public in the past year, said the people, who requested anonymity to discuss national security matters.

The officials said successive governments had decided not to make public the full extent of these vulnerabilities, and that the matter of disclosure was under consideration by the new administration. The officials declined to specify the entities targeted.

The Chinese Embassy in London didn’t respond to a request for comment.

Chinese Hacking Campaign Aimed at Critical Infrastructure Goes Back 5 Years

British security agencies have repeatedly highlighted the risk of Chinese interference domestically, with MI5 Director-General Ken McCallum warning in a speech last week that the UK and its allies “should expect further testing and in places defeating” of their cyberdefenses. Prime Minister Keir Starmer’s administration was informed of vulnerabilities to the UK’s infrastructure networks soon after the July 4 election, the people said, prompting work on new cybersecurity legislation.

Starmer’s office and several departments declined to comment on the cyber incursions. “The UK government maintains complete confidence in the robustness of our security systems and their adaptive capacity to continuously address and evolve in response to evolving threats, ensuring the safety of all citizens,” the Treasury said in a statement.

While seeking to bolster the UK’s cyberdefenses, Starmer is also attempting to rebuild relations with Beijing, which have run cold since President Xi Jinping’s crackdown on dissent in the former British colony of Hong Kong. Foreign Secretary David Lammy is expected to travel to China this week, Bloomberg reported earlier, in what would only be the second visit by the UK’s top diplomat in six years.

Timing such China exchanges has frustrated recent British governments, even as Western allies such as France, Germany and the US move to shore up ties with the world’s second-largest economy. Any goodwill built by then-Foreign Secretary James Cleverly’s Beijing trip last August was later undermined by British allegations that China was behind hacks of the Electoral Commission and Members of Parliament.

British officials also believed China was behind a recent hack into the personal data of the nation’s armed forces personnel, Bloomberg reported in May.

Chinese officials routinely denounce foreign allegations of hacking as politically motivated, arguing the country has often been a victim of cyber attacks. The Chinese Embassy in London condemned claims its agents were behind the Ministry of Defence data breaches as “nothing but a fabricated and malicious slander.”

The government is drafting a Cyber Security and Resilience Bill with plans to pass it next year. The legislation aims to ensure that the UK’s critical infrastructure is secure, and will focus on transport, energy, drinking water, health and digital infrastructure as well as online marketplaces, search engines and cloud-computing services.

The newer attacks were believed to have targeted defense and energy entities, government agencies and the National Health Service, as well as private businesses focused on cutting-edge technology, the people said. The personal communications of senior politicians are another area of concern raised by officials, with several successful attempts to access politicians’ data beyond those that have been made public.

The concerns do not relate to a specific or new threat and the activity is seen as likely to have taken place for years, they said.

While the British officials didn’t identify any particular hackers involved in the recent attacks, security officials have publicly named China-affiliated groups including so-called Volt Typhoon as concerns. The National Cyber Security Centre has warned that the group’s “living-off-the-land” techniques allow it to hide within legitimate network activity and could be used to lay the ground for destructive cyberattacks in the event of a conflict or crisis.

US officials earlier this year carried out an operation to disrupt Volt Typhoon by deleting malware from thousands of internet-connected devices the group had hijacked to gain access to the networks in critical parts of the economy. Among the sectors targeted were communications, energy, transportation and water systems.

In May, acting NCSC chief Felicity Oswald issued a “clear warning about China’s intent to hold essential networks at risk” in a speech.

“It is a warning that providers of essential services in the UK cannot afford to ignore,” Oswald said. “We are past the point of running unsupported systems. It is not tenable.”

Photo: Photo credit: Chris Ratcliffe/Bloomberg

Copyright 2024 Bloomberg.

Topics
Cyber
China

Interested in Cyber?

Get automatic alerts for this topic.

Latest article