BRUSSELS • European Union (EU) member states are considering a possible joint response to cyber attacks allegedly conducted by a Chinese state-linked hacker group after the UK presented evidence last month about network infiltration, according to people familiar with the matter.
UK experts briefed EU colleagues at a technical meeting on Jan 28, providing evidence of both software and hardware attacks by the group known as Advanced Persistent Threat 10, or APT 10, said some of the people, who asked not to be identified as the talks were private.
They wouldn’t give details about the alleged hardware attack, saying the information was classified. Officials who were at the meeting discussed potential responses, such as sanctions or a joint warning, according to two of the people.
The issue will probably be discussed at a scheduled EU-China Summit in April, one of the officials said.
The focus on APT 10 is part of a broader clampdown by Europe and the US on alleged espionage and intellectual property (IP) theft by China.
The hacker group was at the centre of indictments in December by the US Justice Department, which accused Chinese officials of orchestrating a decade-long espionage campaign that involved infiltrating companies in the US and more than a dozen other countries, drawing a strong denial from China.
The UK’s evidence on APT 10 is related to those indictments, one of the people said.
“Some countries’ accusations against China on the cyber-security issue are unfounded and groundless, driven by ulterior motives,” the Chinese Mission to the EU said in a statement when asked about the allegations.
“We urge the relevant parties to stop defaming China, so as not to undermine their bilateral relations and cooperation with China.”
For any retribution against China tied to cyber attacks, the EU would need to agree unanimously that the country was responsible and not all EU members currently agree, according to one of the people familiar with the matter.
The EU is developing protocols to respond to malicious cyber activities, for instance by imposing sanctions, but it can be challenging to clearly attribute actions to any individuals or nation-state.
The UK Foreign Office in December joined Washington in pressing the accusations against APT 10, saying that the group acted on behalf of the Chinese government “to carry out a malicious cyber campaign targeting IP and sensitive commercial data in Europe, Asia and the US.”
NATO defence ministers will also address the threat of Chinese cyber attacks when they meet in Brussels today.
“We have seen the reports from allies about their concerns about Chinese activity related to infrastructure and cyber and these are reports we take seriously and we will continue to consult on these issues,” NATO Secretary General Jens Stoltenberg told reporters in Brussels yesterday. “One of the challenges of the cyber attacks, and we have seen more and more of them, is attribution.”
Cybersecurity firm FireEye Inc, which has been tracking APT 10 since 2009, said the Chinese cyber espionage group has historically targeted construction and engineering, aerospace, and telecom firms, and governments in the US, Europe and Japan in a bid to support Chinese national security goals of acquiring military and intelligence information. — Bloomberg