Matt Cardy/Getty Images
show image

China’s Cloud Hopper campaign branded “one of the worst cyber intrusions to date”

The UK has joined forces with the US to condemn China for a series of cyber attacks carried out as part of an industrial espionage campaign.

The government described the campaign, which targeted managed service providers and their clients, as “one of the most significant and widespread cyber intrusions against the UK and allies uncovered to date”.

Jeremy Hunt, the foreign secretary, said the activity goes “against the commitments [China] made to the UK in 2015, and, as part of the G20, not to conduct or support cyber-enabled theft of intellectual property or trade secrets”.

The publication of the statement coincided with the US’s decision to indict Zhu Hua and Zhang Shilong for their alleged role in the APT 10 cyber group, which is accused of carrying out the campaign on behalf of the Chinese Ministry of State Security.

“China’s goal, simply put, is to replace the U.S. as the world’s leading superpower and they’re using illegal methods to get there,” said FBI director Chris Wray in a news conference reported by Reuters.

The National Cyber Security Centre found that APT 10 was “almost certainly” responsible for the Cloud Hopper cyber campaign which started targeting managed service providers in 2016, if not before. The hacker group was searching for intellectual property and commercially sensitive information, according to the Foreign and Commonwealth Office.

NCSC published advice about the campaign in April, but did not publicly attribute it to China at the time, instead describing the attacker as a “hostile actor”.

The decision to do so now comes just two months after the US and UK banded together to blame Russia for a series of high profile cyber attacks on the FCO, Porton Down chemical laboratory and the Organisation for the Prohibition of Chemical Weapons.

Hunt added: “Our message to governments prepared to enable these activities is clear: together with our allies, we will expose your actions and take other necessary steps to ensure the rule of law is upheld.”

Malcolm Taylor, a cyber security expert at ITC Secure, said the timing of the move was fascinating: “It comes after the Huawei affair, the apparently reactive arrests in China of Canadian business people, and the trade war, and it looks like an extension of those by other means.”

“The US and the UK have gone public with Russia recently, over the botched GRU activity in the Netherlands,” he added. “It is slightly surprising to see a similar approach being used for China, and may show the West’s concern at the growing power of China.”