Canada targeted by same Chinese hackers the U.S., U.K. accuse of cyberespionage that hit millions
Canada’s electronic intelligence agency says the same hacking group that the U.K. and the U.S. have accused of a widespread cyberespionage campaign tied to Beijing has also targeted Canada.
U.S. and British officials on Monday imposed sanctions, filed charges and accused China’s government of involvement in the cyberattacks that hit millions of people including lawmakers, journalists, academics and defence contractors.
Authorities on both sides of the Atlantic call the hacking group that is allegedly involved Advanced Persistent Threat 31 or APT31. The U.K. and U.S. allege that the group is an arm of China’s Ministry of State Security.
The Communications Security Establishment (CSE) — the agency responsible for foreign signals intelligence, cyber operations and cyber security — confirmed that APT31 also targeted Canada.
“The Cyber Centre generally does not comment on specific cyber security incidents, however, we can confirm that we have seen malicious activity by this same threat actor targeting Canada,” said CSE spokesperson Nayeli Sosa in a statement to CBC News.
No further information has been provided by CSE about the timeframe or details of the malicious activity the agency said it detected.
Canadian Public Safety Minister Dominic LeBlanc said Tuesday he was part of a Five Eyes meeting Monday night that included the U.S. secretary for Homeland Security and British home secretary. The Five Eyes is an intelligence sharing network made up of the U.S., the U.K., Canada, Australia and New Zealand.
LeBlanc said no country is immune to threats of cyberattacks.
“We continue to work as a group of Five Eyes countries in terms of building up the resilience for critical infrastructure,” he said.
“China is certainly one of the threat actors in this area but they’re not alone. There are other countries that are active in this spaces well.”
LeBlanc said one of the best moves Canada can make is to “invest in the best cyber defence possible” and share what it has learned with its Five Eye allies.
CSE said the Canadian Centre for Cyber Security also publishes cyber alerts that detail ongoing threats when possible.
“It is important to note that the government’s attribution of a cyberattack or a foreign interference campaign is just one tool in our overall cyber deterrence strategy,” Sosa wrote.
The House17:53Inside Canada’s secretive cyber-spy agency
The aim of the global hacking operation was to “repress critics of the Chinese regime, compromise government institutions and steal trade secrets,” Deputy U.S. Attorney General Lisa Monaco said in a statement.
The targets included U.S. senators, White House staffers, British parliamentarians and government officials who have criticized China’s government, U.S. and U.K. officials said. Spouses of senior U.S. officials and lawmakers were also targeted, the officials said.
American officials said that the hackers’ decade-plus spying spree compromised a variety of U.S. companies, including American steel, energy and apparel firms. Among the targets were leading providers of 5G mobile telephone equipment and wireless technology.
In an indictment unsealed on Monday against seven of the alleged Chinese hackers, U.S. prosecutors in court said the hacking resulted in the confirmed or potential compromise of work accounts, personal emails, online storage and telephone call records belonging to millions of Americans.
Britain and U.S. impose sanctions
Officials in London accused APT31 of hacking British lawmakers critical of China and said that a second group of Chinese spies was behind the hack of Britain’s electoral watchdog that separately compromised the data of millions more people in the United Kingdom.
Chinese diplomats in Britain and the U.S. dismissed the allegations as unwarranted. The Chinese Embassy in London called the charges “completely fabricated and malicious slanders.”
Both Britain and the U.S. imposed sanctions on a firm they said was a Ministry of State Security front company tied to the alleged malicious hacking.
The sanctions are on Wuhan Xiaoruizhi Science and Technology, as well as on two Chinese nationals, the U.S. Treasury Department said in a statement.
“Today’s announcement exposes China’s continuous and brash efforts to undermine our nation’s cybersecurity and target Americans and our innovation,” FBI Director Christopher Wray said in a statement.
An independent inquiry into foreign electoral interference in Ottawa resumes Tuesday.
The commission is investigating allegations China, Russia and other countries meddled in the past two federal elections and how information about foreign influence flowed within the government.
The commission will hear from diaspora community groups that say foreign actors have been preying on them.