By Sarosh Bana. India Correspondent
Alarms have sounded about Chinese cyber actors gearing up to disrupt the upcoming elections in India, the United States and South Korea.
On March 26, 2024, China issued a strong rebuke to detailed public accusations by the US and two of its key allies, the United Kingdom and New Zealand, that Beijing was behind a series of hacks targetting lawmakers and democratic institutions.
Insisting that China “opposes and cracks down on all forms of cyberattacks”, Chinese foreign ministry spokesperson Lin Jian said Washington was using the Five Eyes alliance “to compile and disseminate false information about threats from Chinese hackers.” He also said that the US has been conducting its own cyber-espionage campaign.
“Relevant Chinese cybersecurity agencies have released a series of reports on the US government’s cyberattacks against China and other countries, but the US government has always played dumb,” said Jian.
The Five Eyes alliance is an intelligence network established after World War II comprising the US, UK, Canada, Australia and New Zealand. The alliance shot to prominence in 2013 when whistleblower Edward Snowden revealed classified documentation on its extensive surveillance capabilities and international reach.
The US has accused China of a “prolific global hacking operation” over 14 years to further its “economic espionage and foreign intelligence objectives”. Deputy Attorney General Lisa Monaco specified that more than 10,000 emails from that country targeted US and foreign-based businesses, politicians, candidates for elected office and journalists. She alleged that China’s Ministry of State Security executed a “cyber-espionage programme” called APT31. The US Justice Department charged seven hackers with accessing “email accounts, cloud storage accounts, and telephone call records”.
The Chinese spokesperson rebuffed these allegations, saying China had “made strong demarches with the United States and relevant parties”. He warned that Beijing would “take necessary measures to safeguard China’s legitimate rights and interests”.
While Britain’s Prime Minister Rishi Sunak expected his country to go to the polls “in the second half” of this year, his Deputy, Oliver Dowden, said that “a Chinese state-affiliated entity” had possibly “compromised” the UK’s Electoral Commission. While the campaigns against British lawmakers and the Electoral Commission posed a “real and serious threat”, they were ultimately thwarted. “It will not impact how people register, vote or otherwise participate in democratic processes,” Dowden added.
Usually one of China’s strongest backers among US allies, New Zealand announced that its Parliamentary Counsel Office, which drafts and publishes laws, had been compromised around the same period. Blaming China’s “state-sponsored group” APT40 for the attack, the recently elected Prime Minister, Christopher Luxon, acknowledged that it was a “big step” to blame the cyber attack on his country’s biggest trade partner.
Microsoft’s April 2024 Threat Intelligence report also points out that Chinese cyber actors have extensively targeted three areas over the last seven months: the South Pacific Islands, regional adversaries in the South China Sea region, and the US defence industrial base.
“Chinese influence actors, rather than broadening the geographic scope of their targets, (have) honed their techniques and experimented with new media,” the report reads. “Chinese influence campaigns continued to refine AI-generated or AI-enhanced content.” It adds that the influence actors behind these campaigns have amplified AI-generated media that benefits their strategic narratives and create their own video, memes, and audio content.
The report sees these tactics used in campaigns stoking divisions within the US and exacerbating rifts in the Asia-Pacific region, including Taiwan, Japan and South Korea. It also cites North Korean cyber actors increasingly making software supply chain attacks and cryptocurrency heists over the past year.
The Microsoft report further warns that by using artificial intelligence-generated content, China is gearing up to disrupt the upcoming elections in India, South Korea, the US, and the UK. The warning comes after Beijing conducted a trial run during Taiwan’s presidential election, employing AI to influence the outcome. “China will, at a minimum, create and amplify AI-generated content that benefits their positions in these high-profile elections,” the report forewarns. “While the impact of such content in swaying audiences remains low, China’s increasing experimentation in augmenting memes, videos, and audio will continue and may prove effective down the line.”
This year, at least 64 countries, in addition to the European Union, are expected to hold national elections. These countries collectively account for 49% of the global population.
According to Microsoft’s threat intelligence team, Chinese state-backed cyber groups, along with North Korea, are expected to target several elections this year. China is likely to deploy AI-generated content via social media to sway public opinion in favour of its interests during these elections.