Stay up to date with notifications from The Independent

Notifications can be managed in browser preferences.

MoD cyberattack: Three-week hacking operation ‘by China’ exposed details of 270,000 armed forces personnel

Unclear whether Intelligence Corps members among those whose details have been taken in massive hacking operation

Kim Sengupta
Tuesday 07 May 2024 15:08 EDT
Comments
UK Ministry Of Defense Hit By Serious Cyberattack, China Suspected

Your support helps us to tell the story

From reproductive rights to climate change to Big Tech, The Independent is on the ground when the story is developing. Whether it's investigating the financials of Elon Musk's pro-Trump PAC or producing our latest documentary, 'The A Word', which shines a light on the American women fighting for reproductive rights, we know how important it is to parse out the facts from the messaging.

At such a critical moment in US history, we need reporters on the ground. Your donation allows us to keep sending journalists to speak to both sides of the story.

The Independent is trusted by Americans across the entire political spectrum. And unlike many other quality news outlets, we choose not to lock Americans out of our reporting and analysis with paywalls. We believe quality journalism should be available to everyone, paid for by those who can afford it.

Your support makes all the difference.

A hacking attack on the British military by China was massive in scale, with 270,000 serving personnel, as well as reservists and veterans, from all three services affected.

The Special Forces have not been caught up in the breach, as they use a different, more secure system, but it remains unclear whether members of the Intelligence Corps, part of the army, are among those whose personal details may have been taken.

It is believed the hacking operation has been going on around three weeks, but was discovered last week after investigators started tracking “a pattern of unusual activity”.

The missing information includes identities and bank details and in a few thousand cases, addresses and national insurance numbers. There is no evidence, at present, that the data had been exploited, but service personnel will be offered advice on monitoring their accounts.

The defence secretary, Grant Shapps, was due to brief the Commons on Tuesday afternoon on what has happened. He was not expected to blame the Chinese state as being culpable.

Defence secretary Grant Shapps was due to brief the Commons on Tuesday afternoon
Defence secretary Grant Shapps was due to brief the Commons on Tuesday afternoon (Copyright 2024 The Associated Press. All rights reserved)

“There are indications that a malign actor has compromised the armed forces payment network,” Prime Minister Rishi Sunak told reporters during a visit to a football academy in London on Tuesday.

“I do want to reassure people that the Ministry of Defence has already taken the action of removing the network offline and making sure that people affected are supported in the right way,” he added.

The trail so far goes back to hacking groups. And although they have acted on behalf of the Beijing regime, security officials point out that it could take months to establish a direct link.

Prime Minister Rishi Sunak said a ‘malign actor’ has probably compromised the UK armed forces’ payments system
Prime Minister Rishi Sunak said a ‘malign actor’ has probably compromised the UK armed forces’ payments system (PA Wire)

Tobias Ellwood, the Conservative MP and former soldier, told Sky News, that China “was probably looking at the financially vulnerable with a view that they may be coerced in exchange for cash”.

Labour’s shadow defence secretary, John Healey, said there are “so many serious questions for the defence secretary on this, especially from forces personnel whose details were targeted… Any such hostile action is utterly unacceptable.”

Sir Iain Duncan Smith, the former Conservative leader, who has been sanctioned by China, said: “This is yet another example of why the UK government must admit that China poses a systemic threat to the UK and change the integrated review to reflect that. No more pretence, it is a malign actor, supporting Russia with money and military equipment, working with Iran and North Korea in a new axis of totalitarian states.”

A spokesperson for the Chinese embassy in London said: “China has always upheld the principle of non-interference in each other’s internal affairs. China has neither the interest nor the need to meddle in the internal affairs of the UK. We urge the relevant parties in the UK to stop spreading false information, stop fabricating so-called China threat narratives, and stop their anti-China political farce.”

The defence breach came just weeks after ministers accused Beijing of being behind an attack on the UK’s voting registers, which gave China access to the names and addresses of millions of people.

Mr Sunak subsequently called China “the greatest state-based challenge to our national security” and an “epoch-defining challenge”.

Last year, the government published an updated version of its long-term defence strategy which said the use of “commercial spyware, ransomware and offensive cyber capabilities by state and non-state actors has proliferated”.

In December 2023, the National Cyber Security Agency said that Russia was responsible for “malicious cyber activity attempting to interfere in UK politics and democratic processes”.

Public institutions and private firms have also been targeted by hackers demanding ransoms.

Join our commenting forum

Join thought-provoking conversations, follow other Independent readers and see their replies

Comments

Thank you for registering

Please refresh the page or navigate to another page on the site to be automatically logged inPlease refresh your browser to be logged in