Pictured: Seven ‘Chinese hackers’ wanted in Britain and the US for a fourteen-year cyber espionage campaign that targeted thousands of politicians, companies and officials critical of the Beijing regime

These are the seven suspects wanted by law enforcement agencies in Britain and the US after a secret cyber hacking ring the Chinese government ran for fourteen years was blown wide open.

The images were released after prosecutors in America accused the men – aged between 34 and 38 – of carrying out an unprecedented cyber espionage campaign targeting critics of the Chinese regime, politicians, government organizations and companies, including defense firms and smartphone manufacturers.

The hit list includes a number of leading British MPs, while attempts have also been made to compromise the UK Electoral Commission systems.

Home Secretary James Cleverly branded the Chinese attack on Britain’s democratic institutions as ‘reprehensible’.

It comes as the US Department of Justice filed an indictment alleging the ring sent more than 10,000 malicious emails in an operation aimed at “threatening national security” and compromising government agencies and industrial espionage.

It is alleged that since 2010 the unit has been tasked with carrying out a “sinister plan” of “computer intrusion activities” on behalf of the Chinese government, mainly through email attacks on foreign targets.

The newly released indictment exposes the extent of China’s illegal attacks on Western public life through the use of malicious emails designed to collect data about their targets.

The “productive global hacking operation” is said to have “affected thousands of victims across multiple continents,” with the US and Britain singled out as the main targets.

US authorities have offered a $10 million (£7.9 million) reward for information about the suspects believed to be part of a group of Chinese state-sponsored intelligence officers and contract hackers known in the cybersecurity community as APT31. the code name ‘Violet Typhoon’.

The men, believed to be at large in China, were named as Ni Gaobin, 38; Weng Ming, 37; Cheng Feng, 34; Peng Yaowen, 38; Sun Xiaohui, 38; Xiong Wang, 35; and Zhao Guangzong, 38.

Britain has now imposed sanctions on Guangzong and Gaobin, which will freeze UK-based assets and ban the individuals from entering Britain.

Sanctions were also imposed on the Chinese front company that operated as an intelligence satellite.

The defendants are said to have had ties to the mysterious Wuhan Xiaoruizhi Science and Technology Company, which allegedly operated on behalf of the Chinese Ministry of State Security (MSS) as part of the Chinese state apparatus.

Hackers and Chinese intelligence agents are said to have compromised the security of thousands of business and personal email addresses, cloud storage accounts and phone call data.

The group inundated targets with more than 10,000 emails disguised as legitimate messages from journalists or news organizations and containing real news articles relevant to the recipient.

Once opened, a hidden tracking link in the email collected the user’s location, IP address and device information and sent it back to Wuhan for processing by Chinese intelligence services.

The ring was able to gain access to targets’ email accounts and networks using so-called ‘zero day exploits’: the manipulation of security bugs that manufacturers have not yet patched with software updates.

In addition to civil servants, politicians and employees, family members have also been identified as possible targets.

In 2021, the ring began hacking into the email accounts of British MPs linked to IPAC, the Inter-Parliamentary Alliance on China, after the group began publicly criticizing China and the Chinese Communist Party.

The group includes ex-Tory leader Iain Duncan Smith; Tim Loughton, a former Conservative education minister; Lord Alton of Liverpool, a crossbench peer; and Scottish National Party MP Stewart McDonald.

The hackers created 10 email accounts to send more than 1,000 emails to 400 people connected to Ipac, and received data back from their targets’ accounts.

The targets include 43 parliamentary reports and every member of Ipac in the EU.

The UK National Cyber ​​Security Center – part of GCHQ – targeted Chinese state-linked actors for malicious cyber attacks on UK democratic institutions and parliamentarians.

Paul Chichester, director of operations at the NCSC, said: ‘The malicious activities’ were ‘indicative of a wider pattern of unacceptable behavior we are seeing from Chinese state-linked actors against Britain and the rest of the world’.

He added: “Attacking our democratic system is unacceptable and the NCSC will continue to engage cyber actors who pose a threat to the institutions and values ​​that underpin our society.

‘It is vital that organizations and individuals involved in our democratic processes defend themselves in cyberspace and I urge them to follow and implement the NCSC’s advice to stay safe online.’

Foreign Secretary Lord Cameron condemned the attacks and told how he had raised the issue directly with Chinese Foreign Minister Wang Yi.

He said: “It is completely unacceptable that Chinese state organizations and individuals have targeted our democratic institutions and political processes.

“We will always defend ourselves against those who seek to threaten the freedoms that underpin our values ​​and democracy.”

Deputy Prime Minister Oliver Dowden said: ‘The UK will not tolerate malicious cyber activity that targets our democratic institutions. It is an absolute priority for the UK government to protect our democratic system and our values.”

The US indictment shows that targets included members of Congress, including both Democratic and Republican senators, the United States Naval Academy and the China Maritime Studies Institute of the United States Naval War College.

It said the targets were selected “in furtherance of the PRC’s economic espionage and foreign intelligence objectives,” namely gathering information about potential threats abroad, and in violation of data privacy and computer misuse laws.

James Smith, the deputy director of the FBI’s New York field office, said: “These defendants were part of a Chinese government-sponsored hacking group that has targeted American companies and American political officials for more than a decade because burglary. , malicious global campaign.

“These charges are yet another example of hostile actions by the People’s Republic of China to attack not only American businesses and infrastructure, but also the security of our nation.”

APT 31, short for Advanced Persistent Threat 31, was first publicly identified in 2016 and is believed to have been active since 2010.

The ring is also known under the names Zirconium, Judgment Panda and Altaire.

The most devastating attack occurred in 2021 when APT 31 and another state-backed group exploited a flaw in Microsoft’s Exchange email server system to steal personal data.

About 250,000 email servers were affected, including an estimated 7,000 in Britain.

Victims of the attacks included the European Banking Authority and the Norwegian Parliament.