According to a report by the Intelligence and Security Committee (ISC), China’s state-sponsored hackers have been frequently targeting parliamentarians in the UK. The report, a 207-page inquiry into the British government’s response to cybersecurity risks posed by Beijing, finds the efforts to tackle the threat have been inadequate. The ISC warns that China’s cyber operations are becoming increasingly sophisticated and employs a “whole-of-state” approach, co-opting both state-owned and non-state-owned entities for espionage and interference operations overseas.
Furthermore, the report highlights the Chinese cyber espionage capability, involving the Ministry of State Security (MSS), the People’s Liberation Army (PLA), and non-official actors like “patriotic hackers” and cybercriminals.
It mentions China’s success in penetrating foreign government and private sector IT systems to steal intellectual property and gain intelligence. The ISC cautions that China’s sophisticated cyber capabilities could potentially be used for cyber attacks on UK infrastructure, citing the impact of offensive cyber operations like the Russian attacks on the Ukrainian energy grid. The report warns that relatively small-scale disruptions caused by cyberattacks can have significant knock-on effects, as demonstrated by a past incident with British power generators.
At the same time, despite challenges, GCHQ is actively engaged in cyber operations to expose and disrupt Chinese state-sponsored hackers, aiming to counter their activities strategically.
However, the whole-of-state approach means Chinese state-owned and non-state-owned entities, including academic and cultural establishments and ordinary citizens, are likely to be co-opted into espionage and interference operations overseas.
The report criticizes the British government for being too accepting of Chinese investment in critical domestic sectors, highlighting the need to address China’s actions that cross the line into interference and endanger the UK’s interests and values.
