‘Furious and distressed’: Academic and MPs targeted by China-backed hackers

Wednesday, 1 May 2024

GSCB Director-General Andrew Clark gives details on how China accessed government systems in a 2021 hack.

MPs and an academic who were targeted in a China-backed cyberattack are furious they were not warned by the Government.
The 2021 cyberattack was orchestrated by a Chinese group called APT 31.
It is understood the Government received the information in 2022, from the FBI.

A prominent academic and two MPs are furious that the Government did not warn them they had been individually targeted by hackers in a China-backed attack.

The 2021 cyberattack by a Chinese group called APT 31 has been revealed by the Inter-Parliamentary Alliance on China (IPAC). The breach was thought to have occurred in January 2021.

Former Labour MP Louisa Wall and former National MP Simon O’Connor – who were both New Zealand’s representatives on IPAC – were targeted, along with Professor Anne-Marie Brady, a Chinese politics expert at the University of Canterbury. Most of the 120 emails on the list were of MPs on IPAC. Brady’s was the only academic’s email.

The attack was separate to that revealed in March by the Government, in which the group APT40 hacked into the Parliamentary Service and Parliamentary Counsel Office.

“I was absolutely furious when I heard and also really distressed to think that the New Zealand’s government has known about this and didn’t tell me so I can protect myself,” said Brady. “That was really, really unfair.”

Professor Anne-Marie Brady’s email address was targeted by China state-backed hackers, according to the FBI

Brady said government officials had received the information in 2022, from the FBI.

“It was a progressive attack,” she said. “It’s a first go, and then there was going to be more. They would have known there was real utility in telling me so that I could protect myself.”

Brady said she has good cybersecurity systems in place but can’t definitively say whether or not the attackers had gleaned any information or compromised her account.

O’Connor, who has since identified an email from the attempt in his old Parliamentary inbox, said he too was furious that at as a member of parliament at the time, he was not informed.

Former National MP and IPAC co-chair Simon O’Connor wants parliament’s Privileges Committee to investigate a Chinese backed cyberattack that targeted him

“Particularly as we understand that the hacking attempts to be progressive and intending to carry on.

Former Labour MP and IPAC co-chair Louisa Wall wants an independent investigation into the government’s handling of a 2021 cyberattack by Chinese state-backed hackers

'No-one from any government agency, minister's office, intelligence agency, police, no-one has spoken to me about this. It's a terrible lapse of judgement and security.

He said he wanted a “very open and transparent discussion of what happened or rather what did not happen and why”.

“It would be very important to know who within Government, and I mean that not only in terms of ministers and officials, who knew and why they chose not to share that with the three of us.

'This is a matter of privilege, I think it should be taken to the Privileges Committee to have a look at, so this doesn't happen again.

Wall said, “Despite no longer holding office, I maintain profound concern regarding the absence of transparency surrounding the cyberattack that targeted me and my colleagues while serving as Co-Chairs of IPAC during my tenure in parliament.”

“As elected representatives, our primary duty is to serve and protect the interests of the people. The Government’s failure to disclose crucial information about the cyberattack undermines this fundamental responsibility.”

“As a retired MP, I stand in solidarity with my former colleagues and all affected individuals in demanding answers and accountability from the Government regarding the handling of this 2021 cyberattack by China-affiliated hackers.”

Labour MP Ingrid Leary, current IPAC co-chair, said the international parliamentary group had “stepped up” to alert its members about the security risks posed by the attack in absence of communication by the Government.

“I think that underscores the importance of international alliances, such as IPAC, which can compensate for national shortcomings in certain circumstances.

“We are calling for the Government to continue to name state actors that attempt to hack our cyber systems, to issue a commitment to notify and inform all citizens and parliamentarians immediately when they're alerted to such digital incursions, and to commit to improving the cybersecurity services offered to parliamentarians.”

The seven MPs that were part of IPAC in New Zealand were looking at trying to get a committee set up at Parliament to investigate foreign interference, she said.

O’Connor and Wall want an independent investigation into the cyberattack and the Government’s handling of it, to uncover any negligence, cover-ups, or failures in cybersecurity protocols.

Asked if it would be his expectation that MPs targeted in cyberattacks are briefed, Prime Minister Christopher Luxon said “Yes, that would be my expectation.

Minister responsible for New Zealand’s security services, Juditih Collins, said she had asked for an explanation and that MPs who have data compromised should be told.

“I must say, I would like to know about it, if it were mine.”