25 December 2018

Chinese government carrying out global cyberwarfare campaign, UK says

Kim Sengupta

Britain and its western allies have accused the Chinese government of carrying out an extensive campaign of industrial espionage through cyberwarfare.

A group known as APT 10, it is claimed, is acting on behalf of the Chinese Ministry of State Security to carry out a “malicious” offensive targeting intellectual property and sensitive commercial data in Europe, Asia and the US.

The British government said that the Chinese security establishment is not upholding the commitments Beijing made directly to the UK in a 2015 bilateral agreement.

It is also inconsistent, it says, with G20 commitments that no country should conduct or support information and communications technology-enabled theft of intellectual property, including trade secrets or other confidential business information.


The National Cyber Security Centre assesses “with the highest level of probability that the group widely known as APT 10 is responsible for this sustained cyber campaign focused on large-scale service providers. The group almost certainly continues to target a range of global companies, seeking to gain access to commercial secrets.”

This is the first time that the UK government has publicly named elements of the Chinese government as being responsible for a cyber campaign.

It has previously attributed the WannaCry ransomware incident to North Korean actors; a multi-year computer network exploitation campaign targeting universities around the world, including the UK, to the Mabna Institute based in Iran; and a series of attacks including NotPetya, the Wada hack and leak and BadRabbit to the GRU (Russian military intelligence).

Foreign secretary Jeremy Hunt said: “This campaign is one of the most significant and widespread cyber intrusions against the UK and allies uncovered to date, targeting trade secrets and economies around the world.
European Commission vice-president Valdis Dombrovskis says EU taking alleged hacking ‘extremely seriously’

“These activities must stop. They go against the commitments made to the UK in 2015, and, as part of the G20, not to conduct or support cyber-enabled theft of intellectual property or trade secrets.

“Our message to governments prepared to enable these activities is clear: together with our allies, we will expose your actions and take other necessary steps to ensure the rule of law is upheld.”

No comments: