A massive hacking attack on the British military, suspected to be orchestrated by China, has affected approximately 270,000 serving personnel, as well as reservists and veterans across all three services. The breach, which has been ongoing for around three weeks, was discovered last week after investigators detected a pattern of unusual activity.
The breach notably excluded the Special Forces, which operate on a separate, more secure system. However, concerns linger over whether members of the Intelligence Corps, a segment of the army, may have had their personal details compromised.
The stolen information primarily encompasses identities and bank details, with a subset of cases involving addresses and national insurance numbers. Despite the absence of evidence suggesting exploitation of the data, affected service personnel are being offered guidance on monitoring their accounts.
Security officials have traced the origins of the breach to hacking groups, though establishing a direct link to the Beijing regime could take months. Tobias Ellwood, a Conservative MP and former soldier, speculated that China may have targeted financially vulnerable individuals for potential coercion.
In response, the Chinese embassy in London reiterated China’s commitment to non-interference in internal affairs and urged against spreading false information. China’s foreign ministry also said that it “firmly opposes and fights all forms of cyber attacks” and “rejects the use of this issue politically to smear other countries”.
The recent hacking being blamed on China comes after high-level talks transpired between China and the United Kingdom emphasizing mutual respect and cooperation. Vice-President Han Zheng and Foreign Minister Wang Yi met with UK Secretary of State for Foreign, Commonwealth and Development Affairs James Cleverly in August, reiterating the importance of joint efforts to address global challenges and enhance trade and investment ties.
During discussions with Cleverly, Han emphasized the positive outcomes of practical cooperation across various sectors between China and the UK.
Amidst the complexities of the international landscape, Han stressed that China and the UK “should uphold the spirit of mutual respect and win-win cooperation, take care of each other’s core interests and major concerns, maintain communication in international and regional affairs, and jointly promote world peace and development”.
Despite diplomatic efforts, the hacking incident casts a shadow over the economic relationship between China and the UK. China stands as one of the UK’s largest export markets, with significant bilateral trade volumes. According to the UK Office for National Statistics, China ranked as the second-largest trading partner in goods imports and the fifth-largest in goods exports for the UK last year.
“We cannot rule out state involvement”
Defence Secretary Grant Shapps informed Members of Parliament that the government has strong grounds to suspect the recent hack on the armed forces payroll system was the handiwork of a malicious actor.
The affected payroll system houses personal information akin to that handled by HM Revenue & Customs, spanning current regular, reservist, and former members of the Royal Navy, Army, and Royal Air Force over multiple years.
Downing Street disclosed ongoing evaluations of the unnamed contractor’s security measures. Shapps criticized the contractor-operated system in the House of Commons, highlighting apparent shortcomings and emphasizing its complete segregation from the core MoD network.
Expressing regret for the breach’s impact on servicemen and women, Shapps outlined an eight-point plan, including the establishment of a specialist support helpline. He underscored the incident as indicative of the escalating and evolving threats confronting the UK’s security landscape.
“For reasons of national security, we can’t release further details of the suspected cyber-activity behind this incident,” Shapps said. “However, I can confirm to the House that we do have indications that this was the suspected work of a malign actor and we cannot rule out state involvement.”
BBC sources suggest an early-stage inquiry into the breach, which could prove embarrassing for the MoD. Naming a perpetrator officially can be a protracted process, hence China is unlikely to be officially implicated soon, despite mounting suspicions, particularly given Beijing’s history of targeting similar datasets.
“Malign actor”
Prime Minister Rishi Sunak, during a visit to a football academy in London, acknowledged indications of a “malign actor” compromising the armed forces payment network, assuring the public that the MoD has taken measures such as moving the network offline and providing support to affected individuals.
The breach follows recent accusations against Beijing for a cyberattack on the UK’s voting registers, prompting Chancellor Sunak to label China as the greatest state-based challenge to national security.
Opposition figures have raised concerns about the breach’s implications. Labour’s shadow defence secretary, John Healey, emphasized the need for answers, particularly from affected forces personnel. He also singled out Shared Services Connected, the external contractor responsible for the compromised system, raising concerns about their role in the breach.
Sir Iain Duncan Smith, former Conservative leader, condemned China as a systemic threat: “This is yet another example of why the UK government must admit that China poses a systemic threat to the UK and change the integrated review to reflect that.”
In the previous year, the UK government released a revised edition of its comprehensive defense strategy, highlighting the increasing proliferation of “commercial spyware, ransomware, and offensive cyber capabilities” employed by both state and non-state entities.
Information for this briefing was found via Reuters, BBC, Independent, and the sources mentioned. The author has no securities or affiliations related to this organization. Not a recommendation to buy or sell. Always do additional research and consult a professional before purchasing a security. The author holds no licenses.
