According to the indictment, between 2015 and 2024, a Chinese hacking group known as APT 31 that is linked to China’s Ministry of State Security targeted thousands of U.S. and Western politicians, foreign policy experts, academics, journalists and democracy activists. In many cases, the group focused its efforts on politicians that the Chinese government “perceived as being critical of PRC government policies.”

These are generally individuals who are aware of the risk that China will try to surveil them using digital means and have tried to lock down their digital systems in response. But the same cannot always be said of their family members, and according to Monday’s indictment, the APT 31 hackers used malicious email messages sent to family members of their actual targets as a reconnaissance tool.