The following Statement was made in the House of Commons on Monday
25 March. “With permission, I will make a Statement about malicious
cyber activity targeting the United Kingdom by actors that we
assess are affiliated to the Chinese state. I want to update the
House on our assessment of this activity and to reassure it on the
steps that the Government have taken to shore up our resilience and
hold those actors to account. I know that right honourable and
honourable...Request free trial
The following Statement was made in the House of Commons on
Monday 25 March.
“With permission, I will make a Statement about malicious cyber
activity targeting the United Kingdom by actors that we assess
are affiliated to the Chinese state. I want to update the House
on our assessment of this activity and to reassure it on the
steps that the Government have taken to shore up our resilience
and hold those actors to account.
I know that right honourable and honourable Members on both sides
of the Chamber will recognise the seriousness of this issue,
particularly in a year when so many democratic elections will be
taking place around the world. Members will want to be reassured
that the Government are taking steps to address the associated
threat.
I can confirm today that Chinese state-affiliated actors were
responsible for two malicious cyber campaigns targeting both our
democratic institutions and parliamentarians by, first,
compromising the United Kingdom’s Electoral Commission between
2021 and 2022, as was announced last summer, and secondly, by
attempting reconnaissance activity against UK parliamentary
accounts in a separate campaign in 2021.
Later today, a number of our international partners, including
the United States, will issue similar statements to expose this
activity and to hold China to account for the ongoing patterns of
hostile activity targeting our collective democracies. Mr
Speaker, you and parliamentary security have already been briefed
on this activity. We want now to be as open as possible with the
House and with the British public, because part of our defence is
in calling out this behaviour.
This is the latest in a clear pattern of hostile activity
originating in China, including the targeting of democratic
institutions and parliamentarians in the United Kingdom and
beyond. We have seen this in China’s continued disregard for
universal human rights and international commitments in Xinjiang,
in China’s erasure of dissenting voices and stifling of the
opposition under the new national security law in Hong Kong, and
in the disturbing reports of Chinese intimidation and aggressive
behaviour in the South China Sea. That is why this Government
have investigated and called out so-called Chinese overseas
police service stations and instructed the Chinese embassy to
close them.
However, China’s cumulative attempts to interfere with the UK’s
democracy have not succeeded. Last summer, the Electoral
Commission stated that it had been a victim of a complex
cyberattack between 2021 and 2022. That was the work of Chinese
state-affiliated actors who gained access to the Electoral
Commission’s email and file-sharing systems, which contain copies
of the electoral register. As the Electoral Commission stated in
2023, when that attack was first made public, the compromise has
‘not affected’ the security of elections. It will not impact how
people register, vote or otherwise participate in democratic
processes. I want to reassure people that the compromise of that
information, although obviously concerning, typically does not
create a risk to those affected. I want to further reassure the
House that the commission has worked with security specialists to
investigate the incident and remove the threat from its systems,
and has since taken further steps to increase the resilience of
its systems.
In addition, the National Cyber Security Centre assesses that it
is almost certain that the Chinese state-affiliated cyber actor
known as APT31 attempted to conduct reconnaissance activity
against UK parliamentary accounts during a separate campaign in
2021. Honourable Members may recall that APT31 was one of several
cyber actors attributed to the Chinese Ministry of State Security
by the UK and its allies in July 2021. That email campaign by
APT31 was blocked by Parliament’s cybersecurity measures; in this
case, it was entirely unsuccessful. However, any targeting of
Members of this House by foreign state actors is completely
unacceptable.
Taken together, the UK judges that those actions demonstrate a
clear and persistent pattern of behaviour that signals hostile
intent from China. That is why the UK has today sanctioned two
individuals and one entity associated with the Chinese
state-affiliated APT31 group for involvement in malicious cyber
activity targeting officials, government entities and
parliamentarians around the world. We are today acting to warn of
the breadth of targeting emanating from Chinese state-affiliated
actors such as APT31, to sanction those actors who attempt to
threaten our democratic institutions, and to deter both China and
all those who seek to do the same.
Last week, at the summit for democracy in Seoul, I said that we
would call out malicious attempts to undermine our democracy
wherever we find them. This is an important tool in our armoury
and today we are doing just that. The UK does not accept that
China’s relationship with the UK is set on a predetermined
course, but that depends on the choices China makes. That is why
the Foreign Office will be summoning the Chinese ambassador to
account for China’s conduct in these incidents. The UK’s policy
towards China is anchored in our core national interests. We will
engage with the Chinese Government where it is consistent with
those interests, but we will not hesitate to take swift and
robust actions wherever the Chinese Government threaten the UK’s
interests—we have done so today and previously. This Government
will continue to hold China and other state actors accountable
for their actions.
We will also take serious action to prevent this behaviour from
affecting our security. The steps we have taken in recent years
have made the UK a harder operating environment for foreign state
actors seeking to target our values and our institutions. Through
the National Security Act 2023, we now have, for the first time,
a specific offence of foreign interference. That new offence will
allow law enforcement to disrupt state-linked efforts to
undermine our institutions, rights or political system.
Our National Security and Investment Act 2021 has overhauled our
scrutiny of investment into the United Kingdom by giving the
Government powers to block, unwind or put conditions on
investments that could create national security risks. We have
significantly reduced China’s involvement in the UK’s civil
nuclear sector, taking ownership of the CGN stake in the Sizewell
C nuclear power project and ensuring that Chinese state-owned
nuclear energy corporations will have no further role in the
project.
We have put in place measures to prevent hostile infiltration of
our universities, including protecting campuses from interference
through the Higher Education (Freedom of Speech) Act 2023. The
Procurement Act 2023 includes national security devolvement
provisions that allow us to act where we see malicious influence
in our public procurement. I have taken steps to reduce the
Government’s exposure to Chinese operators, banning Hikvision and
TikTok from government buildings and devices. Through the
national cybersecurity strategy, we are investing £2.6 billion to
increase the cyber resilience of our critical national
infrastructure by 2025, making the most important parts of our
digital environment a harder target for state and non-state
actors.
The Government are continuing to build the tools, expertise and
knowledge to respond to the systemic challenge that China poses
to the United Kingdom’s security and its values. The integrated
review refresh in 2023 took steps toward this, doubling funding
for a government-wide programme, including investment in Mandarin
language training and deepening diplomatic expertise.
We must be clear that this is not a problem for the Government to
solve alone. That is why we created the National Protective
Security Authority within MI5 to help businesses and institutions
play their part in protecting our security and prosperity. The
NPSA will help organisations in the UK’s most sensitive fields,
including critical national infrastructure operators and
world-leading science and tech sectors, to protect themselves
against state threats. I set up the economic security
public-private forum to ensure that businesses and business
leaders in crucial sectors understand the threat to the UK and
what they can do to defeat it.
In Parliament, the National Cyber Security Centre has launched an
opt-in service for Members of both Houses. This allows the NCSC
to alert high-risk individuals if they identify evidence of
malicious activity on their personal devices or account, and
swiftly advise them on steps to take to protect their
information. Today, the NCSC has published new guidance for
political organisations, including political parties and
think-tanks, which will help these organisations take effective
action to protect their systems and their data. The NCSC is also
working with all political parties to increase the uptake of
their active cyber defence services in the lead-up to a general
election. A key component of increasing our resilience is
supporting the NCSC and parliamentary authorities by taking up
that cyber- security offer. I urge all Members of this House to
do so. I will be writing to colleagues later today, setting out
again the steps that they can take.
At the Summit for Democracy, I was struck by the powerful
strength of our collective voices when we work together to defend
our democratic freedoms. The summit provided the United Kingdom
Government with a platform to build international agreements on a
new global government compact on countering deceptive use of AI
by foreign states in elections. It is important and welcome that
our partners across the Five Eyes, as well as those in Europe and
the Indo-Pacific, are standing in solidarity with our efforts to
call out malicious cyber activity. I pay tribute to the dedicated
public servants whose painstaking work has continued to expose
the reality of the threat we face.
Our political processes and institutions have not been harmed by
these attacks. The Government will continue to call out and
condemn this kind of activity in the strongest terms. We will
continue to work with our allies to ensure that Chinese
state-affiliated actors suffer the consequences of their
behaviour. We will take preventive action to ensure that these
attempts do not succeed. The cyber threat posed by
China-affiliated actors is real and serious, but it is more than
equalled by our determination and resolve to resist it. That is
how we defend ourselves and our precious democracy, and I commend
this Statement to the House”.
8.13pm
of Darlington (Lab)
My Lords, I begin by making clear, as my right honourable friend
did in the other place, that we on these Benches
support the Government in their efforts to counter attempts by
China or any other state to interfere with our democratic
processes in any way. This includes attempts to prevent elected
representatives from going about their business, voicing their
opinions or casting their votes.
We pay tribute to the work of the intelligence and security
services in protecting our democracy and the public more widely.
However, we need to question the coherence of the Government’s
approach to this issue so far. Surely it is necessary for the
Government to have a consistent approach across government, as
the cyber threat is not restricted to democratic processes. It
extends to universities, electric vehicles, energy, aviation, the
safety of Hong Kong nationals, and intellectual property. How
confident is the Minister that the vigilance recommended today in
relation to democracy, which many would say comes slowly rather
than swiftly, is equally applied to other areas of activity? Does
the Minister honestly think that the limited action outlined in
the Statement is sufficient to deter China? Given what we now
know, what further steps are the Government going to take, since
the hacking and impersonation of parliamentarians is not the full
extent of this and not at all the action of a friendly state?
The calculation of any state which wishes us harm or considers
that it may be necessary to do us harm in the future has changed
markedly in the last decade. That which previously would need to
be achieved through violent means can now be done through
cyberattack. The defeat mechanism now is different. Our energy
supplies, communications, water, transportation and finances are
all targets in a completely new way. Undermining our democracy is
just another form of attack. Does the Minister accept that we
currently lack a consistent approach across government? I ask
this as noble Lords will no doubt be aware that the Foreign
Secretary has been the subject of unhelpful speculation regarding
his interests in China. It seems peculiar that information about
this has been less than forthcoming.
The Intelligence and Security Committee issued a report on China
last year. Paragraph 98 of that report said:
“Targets are not necessarily limited to serving politicians
either. They can include former political figures, if they are
sufficiently high profile. For example, it is possible that David
Cameron’s role as Vice President of a £1bn China-UK investment
fund”
was
“in some part engineered by the Chinese state to lend credibility
to Chinese investment”.
As I understand it, in January 2023, prior to his appointment as
Foreign Secretary, the noble Lord, , went to Sri Lanka to drum up
investment for Port City Colombo, which is a belt and road
project launched by President Xi that many believe will become a
military base for the Chinese navy. It would help to protect the
reputations of the noble Lord and the UK Government if there
could be some clarity on whom he met and what sort of
conversations took place. Can the Minister assist in providing
the necessary transparency and reassurance so that this matter
can be put to bed? Can she tell us whether these matters have
been investigated?
We have heard assurances from Ministers that the closed electoral
register has not been hacked, but anyone taking broader interest
in this issue will be aware that the danger is not just about a
single cyberattack event, but rather that data is gathered in
large quantities over time and can be used to train AI or be
interrogated by AI with impacts that we do not yet understand.
What are the Government going to do, across all departments and
institutions, to protect against this threat? The threat is
evolving, from spying and influencing to the disruption of
elections and critical infrastructure. As the threat has changed,
surely our response needs to change in turn.
(LD)
We welcome this Statement, which we hope is a significant step
towards a more strategic, cross-party approach to this issue. I
take the opportunity to acknowledge our friend the noble Lord,
Lord Alton, who has earned the opprobrium of the Chinese
Communist Party thanks to his tireless campaigning. He should
accept this as a badge of honour, albeit one that comes with
ominous concerns. Over the last 24 hours, the Foreign Secretary
issued a statement and called Beijing’s actions “completely
unacceptable”. He added that:
“Such action from China will not be tolerated”.
Given that this is what the Government believe, the response to
date seems feeble. This feebleness was highlighted by many of the
Minister’s colleagues in the Commons, and not just . But perhaps the reason
for this caution was voiced by an unnamed Cabinet Minister quoted
in the press as saying that the Government do not want to start a
trade war. However, in response, China has said that it “strongly
condemns” the UK’s “egregious” move to sanction Chinese hackers,
adding that it would
“take the necessary reaction, as a matter of course, to the
U.K.’s moves”.
What is the Cabinet Office assessment of the risk to the UK
economy? How are the UK Government preparing to resist any
retaliation?
During yesterday’s Statement, Deputy Prime Minister noted that it is no surprise
that China
“should seek to interfere in electoral processes”
in successful democratic countries. The Deputy Prime Minister may
not have been surprised, but the integrated review—even its
refresh—does not anticipate this level of attack. What we have
today is inadequate, so I suggest that the Government use this to
instigate a process of significant and proactive cross-party
consensus that we can take forward and have a cross-sectoral plan
for our relationship with China.
The hack of the Electoral Commission is very worrying; can the
Minister explain why it took so long for it to be disclosed?
According to the NCSC, this data is highly likely to be used by
Chinese intelligence services for a range of purposes, including
large-scale espionage and transnational repression of perceived
dissidents and critics in the UK. How will the UK Government
protect those here in the UK-Chinese community who may be subject
to long-distance repression?
Yesterday the Opposition’s spokesperson, and their spokesperson
here today, rightly highlighted China’s voracious appetite for
data and its potential uses as computing power improves. Even if
data cannot usefully be manipulated and weaponised, it is used as
a very useful training tool for artificial intelligence models,
as we just heard. I echo the question asked yesterday: what are
the Government doing to protect complex and valuable public
datasets from being stolen in this way? Two, for example, are
health data and criminal records, but is not just our existing
datasets we should worry about; the Chinese have the capability
to build their own. For example, years after the decision to
remove it, Huawei remains integral in our telecoms
infrastructure. The Hikvision ban extends only to so-called
sensitive sites, despite the fact that we have pushed hard to
ensure that it extends to all public buildings.
This is just the tip of the data-gathering iceberg that exists
already in this country. For example, last week, the Council on
Geostrategy published a new policy paper highlighting the risks
from Chinese cellular modules—so-called IoT modules. This raises
an issue around the role of devices that sit inside almost every
internet-enabled device, creating another whole cyber danger
area. Then there are electric cars, which are little more than
data hoovers, sending information back to China.
China has data and technology strategies that directly link to
its strategic and security aims. They are decades ahead of our
defences. We have to work together, and quickly, to develop the
necessary responses. Despite the very good work that has been
done by our own agencies to protect us, so much more is
needed.
The Minister of State, Cabinet Office (Baroness Neville- Rolfe)
(Con)
My Lords, I thank the noble Baroness, Lady Chapman, and the noble
Lord, , for their comments. I also thank
the noble Baroness for her support for the important work across
the piece, including by the intelligence services, in the more
serious situation that we now find ourselves in.
I should start by explaining that we are vigilant and we do try
to take a consistent approach, across government. We have made a
lot of changes in the cyber area in the last two or three years.
As for the activity announced yesterday by the Deputy Prime
Minister and the question of delay, raised by the noble Lord,
, this was a complex operation. It
required painstaking work from the intelligence community to
enable UK Ministers to confidently attribute the hostile cyber
activity to Chinese state-affiliated actors. I hope noble Lords
will be reassured to know that we have been working hand in glove
with our international partners to collectively identify those
responsible and to hold them to account. A number of partners
have made follow-up statements within the last 24 hours.
The activity we announced builds on the broader work that the
Government have led to expose hostile cyber activities conducted
by states targeting UK interests and the democratic systems that
we all value, including our democratic processes, which were
affected by Russian intelligence services in December.
This is part of a wider, proactive approach. The National Cyber
Security Centre has made a lot of difference right across the
board, both for government and business. We passed the National
Security and Investment Act 2021, the Higher Education (Freedom
of Speech) Act 2023 and the National Security Act 2023 —which
updated the Official Secrets Act and made espionage offences more
20th-century by introducing a harder operating environment. These
are all extremely important.
We continue with our resilience work, across the piece, to
strengthen cyber skills. The noble Baroness, Lady Chapman, is
right that we need to look at critical national infrastructure
and other issues.
The noble Baroness mentioned that my noble friend the Foreign
Secretary was criticised by the Intelligence and Security
Committee. I think she was referring to the committee saying that
his role as vice-president of a China-UK investment fund was in
some part engineered by the Chinese state to lend credibility to
its investment. I do not think China can have been that
influential, because the fund did not go ahead.
The noble Baroness also mentioned Port City in Sri Lanka.
Obviously, the Foreign Secretary was a private individual at that
time, but I understand he spoke at two events in the UAE. They
were organised by an international speakers’ bureau, which
supported this major infrastructure project. The noble Lord,
, was not engaged in any way
with China or any Chinese companies about these speaking events.
His engagement followed a meeting held with Sri Lanka’s president
earlier in the year. The Port City project is, of course,
supported by the Sri Lankan Government.
As has already been mentioned, the Foreign Secretary has been
very clear that the targeting of UK democratic institutions and
political processes is completely unacceptable. He made another
statement about this yesterday. He raised it personally with the
Chinese Foreign Minister, Wang Yi, making it clear that malicious
cyber activity by Chinese-affiliated actors is unacceptable. That
is the position today. The appointment of the noble Lord as
Foreign Secretary followed an established process both in
relation to peerages and to ministerial appointments. I hope I
have helped clear this up.
The noble Baroness was interested in the impact of the incidents
that were discussed yesterday which led to the sanctioning of two
individuals and an entity associated with APT31. What happened
was that actors were able to access copies of the electoral
register in the Electoral Commission’s file-sharing system. The
electoral registration officers for each local authority hold the
live versions of the electoral registers—I think we have
discussed this before—and they were unaffected. The electoral
register does not contain things such as national insurance
numbers or nationality data, nor does it give the age of
individuals except in limited circumstances.
No parliamentary accounts were successfully compromised. The
Parliamentary Security Department, which led on follow-up,
assessed that this was reconnaissance activity and that
parliamentary networks and accounts were not compromised.
Clearly, we need to be vigilant, and that is the message that I
am getting across the House this evening. It was not that
serious, but we do not want other Governments of any kind to
interfere with the democratic process, because it is so
important.
On broader work, the National Cyber Strategy 2022 was supported
by more than £2.6 billion of investment over three years. It is
focused on delivering a step change in the UK’s cyber resilience,
and that extends far and wide. I am involved in what is now
called the Integrated Security Fund and used to be the CSSF. We
have been putting more investment into cyber, because cyber knows
no borders, so it is important to work with other countries on
exactly these issues.
We banned Huawei from our 5G network, as we heard, and—I see that
the noble Lord, Lord Alton, is in his seat—we took steps on
Chinese security cameras, thanks to his help. We made a lot of
changes in the Procurement Act, again thanks to detailed work
done in this House. All these changes are important.
The noble Lord, , talked about the need for
collaboration, and we have made it clear that we are happy for
more conversations on these points. I commend the work done by
the Parliamentary Security Department. Alison Giles now sits on
the Defending Democracy Taskforce, which I sit on and leads, and a lot of changes have been made. Only
today, a letter went round encouraging all MPs and noble Lords to
do more—the top 10 tips for mobiles, personal cyber, how to get
more support and account registration so that your emails and
phones can be monitored by the NCSC.
I thank noble Lords for their pressure, because this is an
important area. We need to take proportionate measures and stay
vigilant.
8.33pm
(CB)
My Lords, I declare non-financial interests as a patron of Hong
Kong Watch and vice-chair of the All-Party Parliamentary Group on
Uyghurs. As my noble friend referred to the sanctions imposed
on seven parliamentarians, three years ago yesterday, I should
declare that I am one of them. He also said that this should be
regarded as a badge of honour; indeed, because my family were
sanctioned with me, my feisty daughter set up a WhatsApp group
entitled “badge of honour”.
The noble Baroness, Lady Chapman, raised the belt and road
initiative and the role of the Foreign Secretary. I have one
point to make about that. Developing countries, mainly in the
global South, now have debts to the belt and road initiative
totalling $1 trillion. This has made them extraordinarily
subservient and often into vassal states that do the bidding of
the Chinese Communist Party, particularly in the United Nations.
I think the noble Baroness was right to raise the issue of Sri
Lanka particularly; it requires greater scrutiny.
The biggest issue that the Intelligence and Security Committee
pointed to in its much-delayed report, when it was finally
published, was the potential for gullibility on the part of the
present Foreign Secretary, but the rest of us too. I put it to
the Minister that with a multi-billion-pound trade deficit with
China, we are insufficiently resilient and have become far too
dependent. This is extraordinarily complacent in the
circumstances. Is she surprised that her right honourable friend
said yesterday that the
right honourable Oliver Dowden’s Statement was
“an elephant giving birth to a mouse”?—[Official Report, Commons,
25/3/24; col 1266.]
The Deputy Prime Minister said it had been “swift and robust”,
yet it is three years since these cyberattacks took place. That
hardly makes it swift. As for robust, while parliamentarians have
been sanctioned, frankly I regard that as a very minor issue in
comparison with what has happened in Xinjiang, where there are 1
million Uighurs incarcerated in camps; with the destruction of
democracy in Hong Kong, where there are 1,700 people
incarcerated, some of them, such as Jimmy Lai, on trial even as
we meet; and with the untold brutality we have seen in Tibet and
the daily intimidation of Taiwan. In those circumstances, there
are no grounds for being complacent.
In being robust, why is it that no public official in Hong Kong
has yet been sanctioned, yet our ally the United States has
sanctioned 47? What co-operation do we have with our key allies,
including examining the extent of the APT31 attacks, which have
been estimated in the United States as being far more significant
in their magnitude than they have been here? Will the Minister
re-examine the 2023 report of the Intelligence and Security
Committee on the dangers posed to the United Kingdom by the CCP
regime? Will she re-examine the strategic failure to declare
China a threat, which was, after all, one of the recommendations
of your Lordships’ International Relations and Defence Committee,
on which I served, which examined the question of China trade and
security? Will we place China in the enhanced tier of the foreign
registration scheme?
The Minister has mentioned Hikvision, and I pay tribute to her
for the way in which she interacted when that issue was before
the House as we considered the Procurement Bill; she was helpful
throughout. What progress has been made in removing Hikvision
surveillance cameras, of which there are about 1 million in this
country, from sensitive sites? The Deputy Prime Minister said
yesterday that he was open to the removal of Hikvision cameras
from other sites too; what progress is being made in that
regard?
The noble Lord, , mentioned electric cars. There
was a very disturbing article in the Telegraph a few days ago
about how these cars could be used for surveillance purposes.
Will we allow slave labour to again be used in Xinjiang to
manufacture parts and cars that can be sold cheaply into our
markets while we do not give British workers the chance to
manufacture such things here? Will we have to act
retrospectively—as we did with Hikvision and Huawei, and now in
the future will probably have to do with electric cars? Is this
not just another case of closing the gate after the horse has
bolted?
(Con)
I thank the noble Lord for all he does in relation to educating
us on China. I cannot agree with everything he says, but I agree
with the points he made about debts building up on the belt and
road, and the importance of his committee’s report, which I think
I will take away with me. I am going to America; I might take it
away with me to read and have a fuller look at over Easter.
We have seen China’s continued disregard for universal human
rights—in Xinjiang, as well as what the noble Lord mentioned
about the stifling of opposition in Hong Kong and, of course, the
aggressive behaviour in the South China Sea. He is right to call
these points out.
I think that the noble Lord was asking about the foreign
influence registration scheme’s enhanced tier, and it is
important to remember that all foreign powers, including China,
will be subject to the requirements under the political influence
tier of FIRS. No country is there yet but the Government are
currently considering which foreign powers and entities should be
added to the enhanced tier, which requires collective agreement.
As you would expect, these considerations will take into account
what is necessary to protect the safety and interests of the
UK.
The noble Lord was keen to mention the importance of working with
allies. I could not agree with him more on that, and it has been
pleasing that, in parallel to the UK this week, the United States
has made designations. The targeting of parliamentary entities in
New Zealand has also been called out, and statements of support
have been issued by the European Union, by some individual member
states, and by Japan and the Republic of Korea. The Deputy Prime
Minister was in Japan and Korea last week trying to do exactly
the sort of international co-ordination that is so important,
given the borderless nature of many of these threats that we are
now facing.
Regarding Hikvision, we are due to produce a report fairly soon,
thanks to the noble Lord, and I cannot anticipate that, but I am
very aware that when I make promises to him in this House, I take
great pleasure in delivering them whenever I can. So that is
certainly on the agenda, as is the work we are doing under the
Procurement Act to make sure that we make use of the new
provisions on security in due course. There has, I think, been
some briefings for Lords and MPs from Minister Burghart on that,
as he is taking that forward.
Regarding electric cars, obviously we are determined to make sure
that the UK remains one of the best locations in the world for
auto manufacturing—we have such a long tradition—and that
includes the transition to electric vehicles. But, as is standard
practice, we must ensure that any investment in UK manufacturing
facilities, for any purpose, poses no threat to our national
security. We are determined to do just that.
(Con)
My Lords, clearly, these events are deplorable, unacceptable and
have been widely condemned. I admire all the steps the Government
have taken to improve cybersecurity and much else besides, but I
also ask for a sense of proportion. China is our fourth largest
trading nation. Like the noble Viscount, Lord Waverley, I have
been very involved with the International Chamber of Commerce,
and we believe that through trade comes more civilised
relationships and wealth creation. We know that in China—for all
the evil in China—a vast number of people have been lifted out of
poverty.
Is there anything we can learn from America, which talks a big
talk but carries on trading? My concern is that the pendulum will
swing again. The Deputy Prime Minister said yesterday in another
place:
“The UK’s policy towards China is anchored in our core national
interests”.—[Official Report, Commons, 25/3/24; col. 1262.]
Our national interests are to protect democracy, but also to
ensure that trade continues to flourish. Like many people who
have been a spending Minister, I know how much we want to spend
on hospitals, schools and prisons, and I do not want this debate
to result in a detriment to the British economy. But I do deplore
the behaviour in which China has been involved.
(Con)
I am glad that my noble friend deplores this behaviour, because I
think that that is agreed across the House this evening. Of
course our approach must be rooted in our national interest and
we need to be co-ordinated with likeminded partners, and we are
all working to have an open and stable international order in
difficult circumstances. But China represents a systematic
challenge to the world order, remains a long-term state threat to
the UK’s economic security, and its behaviour is concerning. It
has a choice—we have called in the Chinese ambassador today and
we are making that clear. We must hope that China will move in
the right direction, but we have to take on the challenge and
take proportionate action to hold state actors to account for
hostile cyber activity, and to protect UK interests.
(CB)
My Lords, the Minister might wish to give some insight into how
the meeting with the Chinese ambassador went this morning so that
we get the fullest idea about all the sides that are party to
this deplorable situation.
As is customary in your Lordships’ House, I should declare being
the custodian of the totally unused domain name beltroadhub.com.
I registered it 15 years ago with no particular practical reasons
as to what I was going to do with it, and there it still lies. I
inform the House accordingly.
(LD)
Cyberattack.
(CB)
Noted. I must re-emphasise that it is an unused domain.
I am at one with the thrust behind the Statement. The Government
and agencies are right to adopt a firm approach. However,
although repercussions should be expected for rule of law, human
rights and interference abuses, conversely, do the Government
believe that constant prodding of the dragon can have
consequences that go counter to many British interests and on
occasions might be self-defeating? Exploring and not thwarting
areas of mutual co-operation, building on respect of strength
through dialogue and engagement, should not be lost sight of,
including on those areas of concern illustrated in the
Statement.
(Con)
To answer the noble Viscount’s question, my understanding is that
the Chinese ambassador condemned the “groundless accusations”,
accused the UK of smearing China and stated that China was a
victim of cyberattacks, including from the UK. He warned that
China would adopt firm countermeasures in response but gave no
further detail. This matches historical responses when we have
called people out for hostile cyber activity, but they have not
done anything further. I should correct myself; I understand that
the meeting was with the chargé d’affaires.
I do not have a lot more to say on our attitude to China. I said
that our approach needs to be rooted in our national interest.
China is a permanent member of the UN Security Council. It is the
second-largest economy in the world and has impacts on global
issues of importance, such as climate change. Proportionate
action is necessary but I feel that it is right that we have
taken the action that we have. We must protect our democracy and
our Members of Parliaments—that is, Members in the other place
and here. That is an issue that has to be properly tackled, and
the Government are determined to do just that.
(LD)
My Lords, given that there is time, the Minister mentioned the
National Security and Investment Act. We are in a happy situation
because when that then Bill was being discussed, she was a lowly
Back-Bencher making a lot of very constructive suggestions to the
then Minister, the noble Lord, , who was running it through.
The Act is now under the supervision of the Cabinet Office, so we
are in a position where the poacher is now the gamekeeper.
The Minister will remember that one of her points at the time was
about infrastructure and whether, and by how much, it was
included in that Act, so it would be useful to get an update now
that she is in a position to influence this. She will also
remember that there was quite a lot of discussion, and indeed
some amendments, around the potential role for the Intelligence
and Security Committee in connection with that Act. Would she now
acknowledge that, given the nature of the problems we face, it
makes even more sense than it did then for the ISC to be directly
linked into the Act’s implementation?
(Con)
I note what the noble Lord says about the committee. It does a
very important job and we do listen to it. I look forward to
giving it evidence soon on the integrated security fund. The
noble Lord probably has a better memory than me of the detail of
the points I made when I was on the Back Benches, before I became
the gamekeeper. What I would say about the National Security and
Investment Act is that it has allowed us to take a broader
approach than many other countries, and in 2022-23 we received
866 notifications and issued 15 final orders blocking, unwinding
or attaching conditions to deals, of which eight had an acquirer
link to China. I think it shows that some of the legislation that
we put through this House and work on together in detail can be
very valuable.
(CB)
My Lords, will the noble Baroness say something more about the
hacking of the database of 40 million British people in a year
when there will be a general election? Although the Government
seem to be confident that it will not compromise the electoral
process, does the noble Baroness think that this could be used to
spread disinformation and propaganda? Has she not seen the kind
of mischief-making done at a very minimal level, almost on a
daily basis—often by social media but sometimes in a systematic
way—to try to determine the outcome? It has only to happen in a
few marginal seats to have a very significant effect in a general
election. What estimate has been made of that and what more can
we do about it?
(Con)
We now have a senior FCDO civil servant as CEO of the Electoral
Commission. Indeed, he has joined the Defending Democracy
Taskforce which I very much value, being security vetted and so
on. The noble Lord is right that some of these behaviours seem to
be part of a larger-scale espionage campaign and it is disturbing
that China is targeting bulk data. It seems to be part of the
strategic objectives. We have been clear that it is unacceptable.
I do not know exactly what conclusion to draw from that at this
time, but we are obviously keeping these matters under
review.
(CB)
My Lords, I rather suspect we might be walking into tricky ground
in all this. I remember, for instance, Cambridge Analytics and
all those sorts of issues, and many other circumstances around
data mining. This was all out there before and is really of
concern to everyone. I only put that out there because, from what
I can understand, beyond the deplorable approach on officials and
all the rest, this could be a lot to do with data mining.
(Con)
The noble Viscount makes a good point.
|
