'Can't rule out state involvement': Shapps says 'Malign actor' behind MoD payroll cyber attack

defence
Politics
armed forces
Tuesday 7 May 2024 at 5:53pm

ITV News Political Correspondent Carl Dinnen reports on what we know about the Ministry of Defence payroll hack

The UK Government "cannot rule out state involvement" from another country in a cyber attack on the Ministry of Defence (MoD) amid speculation China was responsible.

Up to 272,000 serving armed forces personnel's bank details may have been compromised following the hack of a third-party payroll system used by the MoD.

Defence Secretary Grant Shapps confirmed a suspected "malign actor" is behind the attack but would not say who it was for "national security reasons".

He said there is evidence of “potential failings” of the contractor operating the payroll system that was attacked, “which may have made it easier" for the hacker to gain access to the bank details of service personnel and veterans.

The government has not named the contractor but Labour’s Shadow Defence Secretary John Healey said it was SSCL.

“So many serious questions for the Defence Secretary on this, especially from Forces personnel whose details were targeted," Mr Healey said.

Reports suggest China was behind the attack - but the government is not yet pinning the blame on Beijing.

A spokesperson for the Chinese Embassy in the UK described the "so-called cyber attacks by China" as "completely fabricated and malicious slanders".

Amid the speculation, Rishi Sunak - when pressed - said he had set out “a very robust policy” towards Beijing, taking the powers necessary “to protect ourselves against the risk that China and other countries pose to us”.

He added that Britain was facing “an axis of authoritarian states, including Russia, Iran, North Korea and China” that “pose a risk to our values, our interests and, indeed, our country”.

In an update to the Commons, Mr Shapps apologised to armed forces personnel saying the attack "should not have happened" and set out an eight-point plan to support and protect those potentially affected.

He also said: “We’ve launched a full investigation, drawing on Cabinet Office support and specialist external expertise to examine the potential failings of the contractor and to minimise the risk of similar incidents in the future.”

An MoD source told ITV News the hack had happened in recent days and hit a network that was "completely external to core systems."

The department said it acted "very swiftly" when it discovered the breach by taking the external network - operated by a contractor - offline.

The details of all serving personnel, reservists and a small number of veterans have been impacted. They include names, bank details and in a small number of cases, their personal addresses.

The government has launched an investigation into how the hack happened, which will look at potential failings of the contractor.

Initial investigations have found no evidence that any data has been removed, but affected armed forces personnel have been alerted as a precaution.

The government has purchased a personal data protection service that impacted individuals will be able to use to check whether their information is being used or an attempt is being made to use it.

It is understood despite the hack and the subsequent taking down of the payroll system, all serving personnel will be paid on time this month.

Some small expenses like hotels and taxis may be delayed but the MoD source said "no one is going to be out of pocket from this."

Amid speculation Beijing could be behind the breach, a spokesman for the Chinese embassy in the UK said they "strongly oppose such accusations. China has always firmly fought all forms of cyber attacks according to law."

“China does not encourage, support or condone cyber attacks," he added. "At the same time, we oppose the politicisation of cybersecurity issues and the baseless denigration of other countries without factual evidence.

Have you heard our new podcast Talking Politics? Every week Tom, Robert and Anushka dig into the biggest issues dominating the political agenda…

“China has always upheld the principle of non-interference in each other’s internal affairs. China has neither the interest nor the need to meddle in the internal affairs of the UK.

“We urge the relevant parties in the UK to stop spreading false information, stop fabricating so-called China threat narratives, and stop their anti-China political farce.”

The revelation comes after the UK and the US in March accused China of a global campaign of “malicious” cyber attacks in an unprecedented joint operation to reveal Beijing’s espionage.

Britain blamed Beijing for targeting the Electoral Commission watchdog in 2021 and for being behind a campaign of online “reconnaissance” aimed at the email accounts of MPs and peers.

In response to the Beijing-linked hacks on the Electoral Commission and 43 individuals, a front company, Wuhan Xiaoruizhi Science and Technology Company, and two people linked to the APT31 hacking group were sanctioned.

But some of the MPs targeted by the Chinese state said the response did not go far enough, urging the Government to toughen its stance on China by labelling it a “threat” to national security rather than an “epoch-defining challenge”.

Want a quick and expert briefing on the biggest news stories? Listen to our latest podcasts to find out What You Need To Know…