At least two Lithuanian parliamentarians have been targeted by Chinese state-linked hackers accused by the United States and the United Kingdom of a massive cyber-espionage campaign.
In an indictment unsealed last week against seven alleged Chinese hackers, the US Department of Justice said that the decade-plus intrusion activities “resulted in the confirmed and potential compromise of work and personal email accounts, cloud storage accounts and telephone call records belonging to millions of Americans”.
The hackers targeted politicians in the US and other countries, companies operating in steel, energy and apparel, and clothing industries. Among the targets were leading 5G mobile phone equipment and wireless technology providers, and even the spouses of senior US officials and lawmakers.
According to the indictment, the targets also included “every European Union member” of the Inter-Parliamentary Alliance on China (IPAC). US officials gave no names, but IPAC members include Lithuania’s Social Democratic MP Dovilė Šakalienė and Conservative MP Žygimantas Pavilionis, a diplomat and chairman of the parliamentary Committee on Foreign Affairs.
Attacks on IPAC members were carried out in early 2021 through malicious emails. Once opened, the emails installed tracking software that gave the hackers access to the targets’ data, such as their IP addresses, browser types, and operating systems.
Both Šakalienė and Pavilionis told BNS that they believed Chinese hackers failed to hack into their accounts. However, examples from their colleagues show that such risks remain.
Thousands of emails
According to the Justice Department, the seven indicted Chinese hackers were part of APT31, a hacking group involved in Beijing’s cyber espionage programme run by the Ministry of State Security from the central city of Wuhan.
US law enforcement officials believe that the aim of the “global hacking operation” was “to repress critics of the Chinese regime, compromise government institutions, and steal trade secrets”.
As part of the cyber-intrusion campaign that ran for around 14 years, APT31 sent more than 10,000 malicious emails that purported to be from prominent news outlets or journalists and appeared to contain legitimate news articles.
China has dismissed the hacking allegations by the US and the UK as “political manoeuvring”.
Tensions between Beijing and Washington over cyber espionage have been escalating recently, with Western intelligence agencies increasingly warning of alleged Chinese espionage.
In turn, Beijing has also begun to highlight alleged Western hacking operations.
‘Risk remains’
Šakalienė, a member of the parliamentary Committee on National Security and Defence, says that she regularly receives suspicious emails. She remembers getting some of these in early 2021 as well.
“There have been spikes in the flow of fake emails, including during the period disclosed by the US authorities,” the Social Democratic MP told BNS, adding that judging by the content, APT31 could have been among the senders.
Šakalienė noted that IPAC members had been regularly informed about cyber threats posed by China.
Although some of her colleagues’ accounts were hacked, the politician believes she “perhaps managed to avoid some level of damage”.
“The risk that I opened a wrong email remains, given the hurry and a very high flow,” she said.
Šakalienė told BNS that she had asked Lithuania’s authorities to check whether her devices were safe, but gave no further details.
Pavilionis said the attempts to hack into his account were a “recognition of the work” he has done.
“Of course, I had all my computers checked as soon as I got the news. The computers are clean, because the Russians and everyone else have tried to attack us more than once,” the MP told BNS.
“Our computers are constantly checked and I myself have had my computer checked by the parliament’s services again,” he added.
Pavilionis said that he never opens suspicious emails.
In response to the US information, Lithuanian Foreign Minister Gabrielius Landsbergis has urged the European Union and other countries to “take joint action”.
“In the face of PRC’s malign cyber activities that target democratic institutions and elections, EU & other democracies have to take joint action. Naming those responsible, ensuring accountability and reducing dependencies are needed to strengthen our resilience,” he posted on the X platform.
The IPAC has said in a statement that the campaign by the Beijing-linked hackers was not an attack on “any individual, a political party or the policy of any one government, or even continent”.
“It was directed at politicians who represent the ideological and geographical breadth of the globe, united by one thing only: their willingness to confront the profound challenges posed by the Chinese Communist Party,” the alliance said.
“We will not be deterred from exercising our democratic freedoms,” it added.
Newsletter
Every Friday morning.
