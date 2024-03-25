While there have been no cases so far in which the Chinese government has turned off essential services, US intelligence agencies have warned in recent months that the malware appeared to be intended for use if the United States were coming to the aid of Taiwan.

The sanctions were a major escalation of what has become an increasingly heated contest between the Biden administration and Beijing.

WASHINGTON — The United States imposed sanctions Monday on Chinese hackers and accused them of working as a front for Beijing’s top spy agency, part of a broad effort to place malware in US electric grids, water systems, and other critical infrastructure.

By turning off critical services to military bases and to civilian populations, China would try, according to a series of intelligence findings, to turn Americans inward — worrying about their own supplies of electricity, food, and water rather than assisting a distant island that Beijing claims as its own.

The sanctions were part of a joint effort between the United States and Britain to crack down on Chinese hacking into vital services. In announcing the new measures, the Treasury Department described malicious state-sponsored cyberactors as “one of the greatest and most persistent threats to US national security.”

The sanctions were unveiled as the Justice Department announced charges against seven Chinese nationals accused of conspiracy to commit computer intrusions and wire fraud.

The hackers were part of a group known as Advanced Persistent Threat 31, or APT31, that has for the past 14 years targeted American companies, government and political officials, candidates, and campaign personnel.

“This case serves as a reminder of the ends to which the Chinese government is willing to go to target and intimidate its critics, including launching malicious cyberoperations aimed at threatening the national security of the United States and our allies,” Attorney General Merrick Garland said in a statement.

According to the Justice Department, the hackers deployed more than 10,000 emails with hidden tracking links that could, if opened, compromise the electronic device of a recipient. Their operation targeted a Justice Department official, high-ranking White House officials, and multiple senators.

The Treasury Department added Wuhan Xiaoruizhi Science and Technology Co. to its sanctions list and described it as a “front company” for China’s ministry of state security, which ran the cyberespionage operation. The ministry has emerged as Beijing’s largest hacking operation, after a major investment by the Chinese government, according to US intelligence agencies.

The ministry — under the direct control of Chinese leadership — is taking over for the People’s Liberation Army, which directed most of the espionage attacks on American companies, intended to steal corporate secrets or defense designs.

But China’s strategy has now evolved, and its first goal appears to be finding a way to deter, or at least slow, a military effort by Washington to aid Taiwan if China’s leader, Xi Jinping, decided to try to take the island.

While President Biden has not mentioned the threat in public, his aides have been intensely focused on an operation called “Volt Typhoon” that stretches back many years — but has intensified since early last year. Over the past few months, the United States has been intensively working with American businesses that are crucial to the nation’s infrastructure and even issued a detailed warning last week on how to detect Chinese intrusions into critical systems.

But the announcement Monday went far beyond electric grids and water systems. It pointed to a defense contractor that manufactures flight simulators for the US military, a Tennessee aerospace and defense contractor, and an Alabama aerospace and defense research corporation.

The sanctions on China come as the Biden administration has been trying to stabilize relations with Beijing, seeking areas of cooperation on combating the flow of fentanyl, and fighting climate change. That effort began with Biden’s meeting with Xi in California late last year, in which he warned Xi about intrusions into US infrastructure. Chinese officials have denied they were involved.

In London, the British government on Monday accused China of cyberattacks that compromised the voting records of tens of millions of people.

The deputy prime minister, Oliver Dowden, announced sanctions against two individuals and one company linked to a state-affiliated group implicated in the attacks, which he said targeted both an elections watchdog and lawmakers. The Foreign Office summoned China’s ambassador to Britain for a formal diplomatic dressing down.

“This is the latest in a clear pattern of hostile activity originating in China,” Dowden said in Parliament.

The government disclosed the attack on the Electoral Commission, which oversees elections in the United Kingdom, last year but did not identify those behind it. It is believed to have begun in 2021 and lasted several months, with the personal details of 40 million voters being hacked.

The Electoral Commission said the names and addresses of anyone registered to vote in Britain and Northern Ireland between 2014 and 2022 had been accessed, as well as those of overseas voters.