Starmer’s staff cannot be ruled out of China Downing Street spying | UK | News

China hacked the mobile phones of senior Downing Street officials for several years, The Telegraph reported.

The spying operation is understood to have compromised the privacy of senior members of the government, exposing their private communications with Beijing.

State-backed hackers are known to have targeted the phones of some of Boris Johnson, Liz Truss and Rishi Sunak’s closest aides between 2021 and 2024.

Breach went ‘right to the heart of Downing Street’

It is unclear whether the attack involved the prime ministers’ mobile phones, but a source with knowledge of the breach said it reached “the very heart of Downing Street”.

Intelligence sources in the US stated that the Chinese espionage operation known as Salt Typhoon is continuing, raising the possibility that Sir Keir Starmer and his senior staff may also have been exposed. MI5 issued an “espionage alert” to Parliament in November over the threat of espionage from the Chinese state.

Sir Keir heads to China this week to secure trade and investment ties with Beijing; This is the first visit by a British prime minister since the Baroness May 2018.

His trip follows the Government’s decision to approve plans for a mega Chinese embassy in London; The Express has revealed that it will be located next to some of the city’s most sensitive communications cables.

Critics accuse Labor of ‘taunting Xi’

Critics accused Labor of endangering national security by taking a soft stance on hostile Chinese activities in the hope of securing trade deals with the world’s second-largest economy.

Alicia Kearns, the shadow minister for national security and one of the alleged targets of the Westminster spy trial in which two men are accused of passing sensitive intelligence from Parliament to the Chinese government, said: “How much more evidence does this Government need to end its arrogant attitude towards Xi and stand up and defend us as the great country that Labor rewards hostile actions against our state.”

The attack raises the possibility that Chinese spies were able to read text messages or listen in on calls involving senior members of the government.

Even if hackers couldn’t overhear the calls, they may have gained access to metadata that reveals who authorities are communicating with and how often, as well as geolocation data that shows their approximate location.

Global espionage operation targeted the Five Eyes alliance

The Downing Street hack formed part of Beijing’s global espionage operation targeting several countries, including the United States and three other members of the Five Eyes intelligence alliance: Australia, Canada and New Zealand.

The breaches date back to at least 2021, but intelligence agencies only discovered them in 2024.

It came to light when the US announced that hacking groups linked to Beijing had gained access to telecommunications companies around the world.

This gave China access to the phone data of millions of people; It allowed intelligence officers to eavesdrop on calls, read text messages, and potentially track users’ locations.

Hackers had ability to ‘record phone calls whenever they want’

The hackers also had the ability to “record phone conversations at will,” according to Anne Neuberger, who was deputy US national security adviser at the time.

China’s foreign ministry had previously dismissed the allegations as “baseless” and “unsubstantiated”.

It remains unclear exactly what information Chinese hackers obtained from Downing Street staff’s phones.

Intelligence sources have said the UK is more “business ready” when it comes to network security, arguing that Britain’s telecommunications networks are better protected than those in the US.

They cited the Telecommunications Security Act 2021, which imposes new legal duties on telecommunications firms to strengthen the security of UK networks.

But a senior US official told The Telegraph that the global breach was part of “perhaps one of the most successful campaigns in the history of espionage”.

FBI warns of persistent long-term access

In a public alert last year, the FBI warned that China’s “state-sponsored cyber threat actors” were targeting global networks, including telecommunications, government and military infrastructure.

The stolen data “may ultimately provide Chinese intelligence services with the ability to identify and track their targets’ communications and movements around the world,” the warning said.

He added that hackers often “maintain persistent, long-term access” to networks, making the activity more likely to continue.

The public consultation document was jointly signed by intelligence agencies from several countries, including the UK’s National Cyber ​​Security Centre, the public arm of GCHQ.

However, the Government’s only official acknowledgment that the UK was affected by Typhoon Salt is a vague reference to a “cluster of activity” in the UK.

By contrast, US officials have been vocal about the extent of the breach and acknowledged that it was targeted by Chinese hackers. Donald TrumpJD Vance and Kamala Harris ahead of the 2024 presidential election.

Multiple attacks targeting Sunak’s government

The Telegraph reported that there had been “many” separate hacking attacks on Downing Street staff and across the wider government, particularly during Mr Sunak’s tenure as prime minister from 2022 to 2024.

While serving as technology secretary last year, Peter Kyle said that after taking office he “became very, very aware that there was a cybersecurity issue facing our country that I wasn’t aware of before I became secretary of state.”

Dakota Cary of the Atlantic Council’s Global China Center, a US think tank focusing on the China threat, said: “Salt Typhoon focused on telecommunications companies and the backends of these networks so they could intercept communications between individuals.

“We know that China is interested in obtaining political intelligence on MPs and decision-making processes in British politics,” he said, referring to the latest spying case in Westminster.

Salt Typhoon ‘one of the most prominent names’ in cyber espionage

Western intelligence agencies describe Beijing as one of the most capable and aggressive adversaries in signals intelligence and cyber warfare.

Former Israeli intelligence chief Yuval Wollman said Salt Typhoon was “one of the most prominent figures” in the world of cyber espionage.

Mr Wollman, who is now president of cybersecurity platform CyberProof, said: “While most public news has focused on US targets, Salt Typhoon’s operations have spread across Europe, the Middle East and Africa, where it has targeted telecom firms, government agencies and technology companies.”

It added that the operations were “highly targeted, with confirmed breaches across multiple regions, including the UK’s critical infrastructure, in 2023 and 2024.”

No China strategy

It said the strategic espionage campaign collected “communication routing and geolocation metadata from government and defense systems.”

Last month, Parliament’s Intelligence and Security Committee found that “the Government has no strategy towards China, let alone an effective strategy” and that it has “failed to apply a stand-alone ‘whole of state’ approach” to responding to the threat.

The Express has reached out to Downing Street via its contact form for comment.

A Chinese embassy spokesman said: “China is a staunch defender of cybersecurity and one of the biggest victims of cyber espionage and attacks.

“We are committed to combating all forms of malicious cyber activity in accordance with the law and we never encourage, support or condone cyber attacks.

“We strongly oppose politicizing cybersecurity issues or blaming other countries without evidence.”