Washington has reported that Chinese hackers tried to spy on European politicians by breaking into their digital information. According to U.S. legal officials, a group of European lawmakers became the focus of cyberattacks from China in the recent past.
The Scope of the Attack
The U.S. Department of Justice revealed late on Monday that Chinese cyber spies connected to their country's intelligence agency aimed their efforts at every member of the Inter-Parliamentary Alliance on China (IPAC), a group of lawmakers who are openly critical of China's policies.
In 2021, these hackers attempted to infiltrate over 400 email accounts linked to IPAC, sending out over a thousand emails to collect details on the online behavior and electronic devices of the alliance's members.
IPAC's website lists 66 lawmakers from various European Union countries, including the U.K., Ukraine, the U.S., and others, as its members. The alliance is co-chaired by Reinhard Bütikofer from Germany and Miriam Lexmann from Slovakia, with 17 more members from the European Parliament.
Despite these allegations, a spokesperson from the European Parliament stated that their investigation shows that their members were not attacked, “according to all elements of information currently available,” as reported by POLITICO.
The U.K. and the U.S. responded by imposing sanctions and initiating legal proceedings. However, the European response to the news of these cyberattacks and the theft of vast amounts of voter data has been notably muted.
Cogolati's Response
Samuel Cogolati, a Belgian Green MP and co-chair of IPAC, told POLITICO he was targeted back in 2021, the same year Beijing sanctioned him, alongside other EU lawmakers including Bütikofer and Lexmann.
Cogolati learned about the cyberattack against him and others in 2023 through an email from Belgium's Centre for Cybersecurity. This email linked the attacks to APT31, a hacking group that was recently sanctioned by the U.K.
“It is absolutely ridiculous to find out about all the other victims of Chinese cyberattacks in Belgium and across Europe through an indictment — issued by the U.S. DoJ,” Cogolati said.
The indictment also mentioned that this group of Chinese hackers had been attacking American politicians and officials since at least 2015, using fake identities of well-known American journalists to lure their victims into revealing personal and device information.
While the hackers used more aggressive malware in their operations in the U.S., the indictment did not specify if such tools were employed in the 2021 attacks on European lawmakers associated with IPAC.
