Foreign ‘state involvement’ not dominated out in large Ministry of Defence hack

Foreign “state involvement” cannot be ruled out in a massive Ministry of Defence cyber-attack amid speculation China carried out the hack.

The Defence Secretary Grant Shapps was forced to issue an apology today to armed forces personnel after a massive breach on the payroll system that left their data exposed. The hack had potentially compromised the bank details of up to 272,000 serving members of the armed forces and some veterans, with a very small number of addresses accessed.

Mr Shapps declined to identify the “malign actor” behind the attack amid reports the Government suspects Beijing of being responsible. “For reasons of national security, we can’t release further details of the suspected cyber activity behind this incident,” he told MPs in the Commons.

But he added: “I can confirm we do have indications this was the suspected work of a malign actor and we cannot rule out state involvement.” Rishi Sunak also said there were “indications that a malign actor” had compromised the database but declined to attribute the attack to a specific state or “actor”.

The Ministry of Defence (MoD) took immediate action when it discovered the breach, taking the external network – operated by a contractor – offline. Mr Shapps said an investigation will be launched and said there is evidence of “potential failings” of the contractor operating the payroll system that was hacked.

He said this “may have made it easier for the malign actor” to gain access to the bank details of serving armed forces personnel, reservists, and some veterans. Issuing an apology to them, the Defence Secretary said: “It cannot happen again.” But he said there was no evidence data had been removed from the system in the hack.

The Cabinet minister also said letters will be sent out to some veterans as a “precaution” while the Ministry of Defence has set up a helpline to help those impacted.

While welcoming the steps, Labour’s Shadow Defence Secretary Jonathan Healey said: “My overriding concern is for the safety of serving personnel and veterans affected, worried about the risk to them and their families.” He added: “Our military puts their own security at risk when they serve on the frontline and the very last thing they should have to worry about is their data security back home. Any such hostile action against our forces is utterly unacceptable.”

A spokesman for the Chinese Embassy said today claims Beijing was behind the attack were “completely fabricated and malicious slanders”. They said: “China has always firmly fought all forms of cyber attacks according to law.

“China does not encourage, support or condone cyber attacks. At the same time, we oppose the politicisation of cybersecurity issues and the baseless denigration of other countries without factual evidence. China has always upheld the principle of non-interference in each other’s internal affairs. China has neither the interest nor the need to meddle in the internal affairs of the UK. We urge the relevant parties in the UK to stop spreading false information, stop fabricating so-called China threat narratives, and stop their anti-China political farce.”