Two New Zealand MPs vocal about China's human rights abuses have revealed to Newshub they were told in June of the possibility of "imminent digital attacks".
It comes a day after a coordinated series of statements from nations - including New Zealand - accusing Chinese state-sponsored actors of malicious cyber activity, including being responsible for exploiting a Microsoft Exchange earlier this year.
National's Simon O'Connor and Labour's Louisa Wall - the New Zealand co-chairs of the outspoken Inter-Parliamentary Alliance on China (IPAC), a global group monitoring China’s actions - have told Newshub they were informed on June 24 by IPAC that members could be the targets of a cyber attack.
"As a member of IPAC, and as one of the international co-chairs, we were given a heads-up several weeks ago that there was some credible evidence, as it was put to us, that we could be targeted or the target of hacking, cyber security intrusion and so forth," O'Connor told Newshub on Wednesday.
"Importantly, this was stuff coming from within the IPAC community. This was not given to me by New Zealand intelligence agencies."
Newshub has been provided with the alert sent to co-chairs around the world.
"We have received notifications from two government linked institutions warning that both IPAC and IPAC members should be prepared for imminent digital attacks," it reads.
Wall, a Labour MP, told Newshub O'Connor communicated the warning to "cyber security representatives" and "requested they be vigilant on our behalf in anticipation of malicious cyber attention".
She said she hasn't been contacted by New Zealand's cyber intelligence services.
Asked if he had heard anything from New Zealand intelligence agencies or just from his IPAC colleagues, O'Connor said: "I think it's best for me just to say it is coming from IPAC, but as I and I suspect anyone would do, when you get information like this you make sure the relevant authorities know. You pass that information on."
He said he flagged the warning with the team that looks after cyber security at Parliament.
A spokesperson for the intelligence agencies in New Zealand told Newshub they were making themselves available to the MPs.
"The GCSB and the NZSIS are available to provide advice and protective security support to MPs, Ministers, political parties and staff in the parliamentary precinct as part of our normal, mandated functions.
"However we do not comment on any details of notifications we may or may not receive, or specific security questions."
Andrew Little is Minister Responsible for the GCSB. His office said it didn’t comment on specific operational issues.
O'Connor said the warning didn't surprise him. As members of IPAC, O'Connor and Wall have been critical of alleged human rights abuses in the Asian nation, such as against Uighurs in Xinjiang or the anti-democratic activities underway in Hong Kong.
"Certainly, as I have spoken out more against what the CCP is doing, I have taken active measures, the best I can, to protect myself and my family and our data integrity," the National MP said.
"It is still disturbing but it actually emboldens me to speak out even more because this is not how things should be."
Sir Iain Duncan Smith, a British MP and founder of IPAC, told the UK House of Commons on Wednesday morning that he had heard "there is intelligence from Five Eyes sources that shows that a very active and direct threat from the Chinese Government is aimed directly at the co-chairs".
"Some of the co-chairs, of which I am one, have now been warned by their intelligence services in receipt of this that they should be very careful and that they will be supported."
In his statement on Tuesday accusing China of backing cyber attacks, Little said New Zealand had found links between Chinese state-sponsored actors known as Advanced Persistent Threat 40 (APT 40) and malicious cyber activity here in Aotearoa.
"The GCSB has worked through a robust technical attribution process in relation to this activity. New Zealand is today joining other countries in strongly condemning this malicious activity undertaken by the Chinese Ministry of State Security (MSS) – both in New Zealand, and globally," he said.
"Separately, the GCSB has also confirmed Chinese state-sponsored actors were responsible for the exploitation of Microsoft Exchange vulnerabilities in New Zealand in early 2021."
O'Connor told Newshub he supported Little's statement and said New Zealand needs to stand "with its allies" and "speak out against this sort of behaviour".
China has rejected the accusations, with its embassy in Wellington on Tuesday saying they were "groundless and irresponsible".
"China expresses strong dissatisfaction and firm opposition and has already lodged solemn representation with the NZ government."