Hands reaching towards a computer screen, attempting data theft in a cyberattack.

UK Ministry Of Defence Targeted In Cyberattack

The UK Ministry of Defence (MoD) was reportedly targeted in a major cyberattack believed to have originated in China. The attack resulted in a data breach, revealing significant information about the armed forces.

The attack, which is believed to have happened twice or three times, was directed at a third-party payroll system that held sensitive information of tens of thousands of veterans and active members of the British armed services.

The government disclosed its insights on incidents that happened between 2021 and 2022 after linking two “malicious” hacking attacks with Chinese “state-affiliated actors”.

The cyberattack exposed names, bank information, and a few thousand home addresses of current and former armed services members. Defence Minister Grant Shapps apologized to the military services affected by the recent cyberattack on the Ministry of Defence, impacting up to 272,000 people.

Addressing the Commons on Tuesday afternoon, he said: ‘I want to apologise for the men and women affected – it should not happen’.

Mr. Shapps declined to name the person responsible for the attack when he addressed the Commons:

Due to national security concerns, we are unable to disclose additional details regarding the suspected cyber activity involved in this incident. However, I can confirm to the House that we do have indications that this was the suspected work of a malign actor, and we cannot rule out state involvement.

The Prime Minister cited the UK’s “very robust” government policy in response to a question about why the government is not holding China accountable, emphasising more defence spending as a defence against China’s threats.

Deputy Prime Minister Oliver Dowden told the House of Commons in March that two people and a Chinese state-affiliated firm had been banned for engaging in attacks on the Electoral Commission.

The UK imposed sanctions on two individuals and a firm associated with the cybergroup APT31, Dowden informed members of parliament. This group is connected with China’s Ministry of State Security.

According to former Conservative minister Tobias Ellwood:

Targeting the names of the payroll system and service personnel’s bank details, this does point to China because it can be as part of a plan, a strategy to see who might be coerced.

Lin Jian, a spokesperson for China’s Ministry of Foreign Affairs, emphasised Beijing’s unwavering resistance to cyberattacks in all its forms. Jian vehemently objected to the politicisation of hacking incidents in a statement, claiming that doing so would only unfairly criticise foreign nations.

Lin further mentioned in his statement:

The remarks by relevant British politicians are utter nonsense. China has always firmly opposed and cracked down on all types of cyberattacks.

Chinese President Xi Jinping started his diplomatic tour to Europe on May 6th, when he met with French President Emmanuel Macron in Paris. Following his visit, seven French legislators who had been the subject of cyberattacks allegedly executed by Chinese hackers demanded that French authorities launch a formal inquiry.

They support officially linking the attacks to APT31, the same group that Uk had already sanctioned in March. Although China has been openly suspected of hacking by the US, UK, and NZ, French authorities have not followed suit.

Recently, there has been increasing tension between the two nations due to hacking incidents. In March Britain accused Chinese hackers and a connected company of being responsible for two major attacks targeting MPs critical of China and the country’s election authority.

The fragile relationship between Britain and China has emphasised the difficulty of striking a careful balance. On the one hand, UK tries to neutralise China’s security risks while yet maintaining or even increasing its engagement in areas such as commerce, investment, and climate change.

The Ministry of Defence will provide further details on the breach to those affected by the cyberattack. In an email sent to affected individuals on Tuesday, employees were assured that May salaries are expected to remain unaffected.

Help your colleagues keep a security-first mindset and boost your human firewall by starting your Phishing Tackle security awareness training today with our two-week free trial.

Recent posts