The National Cyber Security Centre (NCSC) of the United Kingdom has identified China-backed cyber actors as responsible for several ‘malicious’ cyberattacks targeting UK parliamentarians and the Electoral Commission. These cyber-espionage activities are attributed to a group known as APT31, which allegedly targeted MPs and peers critical of China through email spying and compromised the Electoral Commission’s computer systems to potentially access and extract email data and electoral registers. This data is feared to be used for large-scale espionage and to suppress China’s critics in the UK.

Following this revelation, the UK government announced sanctions against two Chinese individuals and a company linked to these cyber incidents. The sanctions, which include freezing assets and travel bans, aim to combat what the Deputy Prime Minister Oliver Dowden described as intolerable malicious cyber activity threatening the UK’s democratic system and values.

These cyberattacks have prompted the NCSC to update its guidance for political organizations to bolster cybersecurity measures. Experts, including cyber specialist Al Lakhani from IDEE, have urged for a stronger governmental response to prevent future cyber threats, especially with the general election approaching and the risk of international interference looming.

Despite the attacks, the Electoral Commission confirmed that the integrity of UK elections remains secured, highlighting steps taken to enhance resilience against cyber threats. This situation has led to a heightened focus on safeguarding democratic processes and sensitive information against foreign cyber espionage and interference activities.