‘Malicious actor’ behind Defense Department cyber attack, says Sunak

Sign up for the View from Westminster email to receive expert analysis straight to your inbox

Get our free View from Westminster email.

The Prime Minister has declined to identify the “malicious actor” behind a cyber attack on the Ministry of Defense (MoD) amid speculation China carried out the hack.

The government has confirmed that a third-party payroll system was hacked, potentially compromising the banking information of military personnel and veterans. A very small number of addresses may also have been accessed.

Speaking to broadcasters in southeast London, Rishi Sunak said there was “evidence that a malicious actor” had compromised the database, but declined to attribute the attack to a specific state or “actor”.

Grant Shapps, the defense secretary, will brief MPs on the cyberattack later on Tuesday, but is also unlikely to say who was behind it.

Stressing his stance on China, Mr Sunak said he had pursued “a very robust policy” towards Beijing and had secured the necessary powers “to protect us from the risk that China and other countries pose to us”.

He added that Britain faces “an axis of authoritarian states, including Russia, Iran, North Korea and China” that pose “a threat to our values, our interests and indeed our country.”

Mr Sunak wanted to reassure the public that the Ministry of Defense had already acted by taking the relevant network offline and offering support to personnel affected by the incident.

Downing Street said the government had also launched a security review of the contractor’s operations.

The government’s re-examination of foreign and defense policy placed cybersecurity “at the center of attention, precisely these types of risks, particularly when it comes to state actors.”

It is understood initial investigations have found no evidence of data being removed.

However, affected service personnel will be alerted as a precaution and given expert advice. You can use a personal data protection service to check whether your data is being used or attempted to be used.

All salaries were paid on the last payday and no problems are expected on the next payday at the end of this month, although in a few cases there may be a slight delay in the payment of expenses.

The Ministry of Defense confirmed that Mr Shapps “will make a planned statement to the House of Commons this afternoon setting out the multi-point plan to support and protect staff”.

Ministers will blame hostile and malicious actors but will not name the country behind the hacking attack.

The Ministry of Defense has been working intensively to uncover the extent of the attack since its discovery a few days ago.

John Healey, Labour’s shadow defense secretary, said: “So many serious questions for the defense secretary on this issue, particularly from members of the armed forces whose data has been targeted.”

A Chinese embassy spokesman said the claims that Beijing was behind the attack were “completely fabricated and malicious slanders.”

They said: “China has always combated all forms of cyberattacks vigorously and lawfully.

“China does not promote, support or tolerate cyberattacks. At the same time, we oppose the politicization of cybersecurity issues and the baseless vilification of other countries without factual evidence.

“China has always upheld the principle of non-interference in each other’s internal affairs. China has neither the interest nor the need to interfere in the UK’s internal affairs.

“We call on relevant parties in the UK to stop spreading false information, stop inventing so-called China threat narratives and stop their anti-China political farce.”

The revelation came after Britain and the US in March accused China of a global campaign of “malicious” cyberattacks in an unprecedented joint operation to expose Beijing’s espionage.

Britain accused Beijing of targeting the electoral commission watchdog in 2021 and being behind an online “awareness campaign” that targeted the email accounts of MPs and colleagues.

In response to the Beijing-linked hacking attacks on the election commission and 43 people, a front company, Wuhan Xiaoruizhi Science and Technology Company, and two people linked to the hacking group APT31 were sanctioned.

But some of the MPs targeted by the Chinese state said the response had not gone far enough and called on the government to toughen its stance on China, describing it as a “threat” to national security rather than an “epoch-making challenge.” designated.

Former Conservative leader Sir Iain Duncan Smith echoed those calls, telling Sky News: “This is another example of why the UK government must admit that China poses a systemic threat to the UK and change the integrated review, to reflect this.”

“No more pretext, it is a malicious actor supporting Russia with money and military equipment and collaborating with Iran and North Korea in a new axis of totalitarian states.”

Former defense secretary Tobias Ellwood told the BBC’s Radio 4 Today programme: “Targeting the names of the payroll system and the banking details of military personnel points to China because it may be part of a plan, a strategy “To see who might be forced.”