China hack on MPs worse than government admitted with at least 30 targeted
A Chinese cyber-attack on British MPs was more widespread than the UK Government initially revealed, i has learned.
Oliver Dowden, the deputy prime minister, announced on Monday that a group of three MPs and one peer had been targeted.
The MPs, including China hawk Iain Duncan Smith, say they were privately reassured in a briefing by Parliament’s head of security that only a small number of parliamentarians had been effected.
But it has now emerged email accounts belonging to over 30 MPs, peers, and their parliamentary staff were targeted by the same cyber hack, which was in the form of a phishing email.
Mr Duncan Smith told i: “They completely screwed up the other day. They told us that there are only three or four of us that apparently had these emails – it’s complete bollocks.
“Parliament is just a joke when it comes to security, a joke.”
The identified targets were email accounts of members of the Inter-Parliamentary Alliance on China (Ipac), a global group of parliamentarians with hawkish views on China.
It is unclear at this stage why the full effect of the hacking attack was not revealed by Mr Dowden, but sources told i the latest analysis showed around 30 individuals were effected.
Parliamentarians in the group were sent infected emails from an account posing as a democracy-focused news website under the domain nropnews.com.
The emails contained spyware hidden within the images in a spear-phishing campaign using pixel technology capable of sending personal information to an unauthorized third-party server in order to steal private data from users, i can reveal.
The same false domain was used to hack a Belgian MP during the same period. Last year, Samuel Cogolati, also an Ipac member, was named by Belgian intelligence as the victim of an identical APT31 attack during the same period, leading to questions as to how the attack on UK parliamentarians has taken so long to emerge. Parliamentary security officers are now looking into the domain linked to the emails.
Mr Dowden on Monday said British intelligence concluded it was “almost certain” that Chinese state affiliated hacking group ‘APT31’ had conducted the “malicious cyber campaign”. The Deputy Prime…
