- MPs are set to be told about the massive data breach tomorrow
Failures by a formerly government-owned contractor may have made a cyber attack on Armed Forces data being blamed on China ‘easier’ to carry out, the Defence Secretary said today.
Grant Shapps confirmed that Shared Services Connected Ltd (SSCL) was the company whose system was hacked, exposing the names and bank details of hundreds of thousands of service personnel – and some home addresses.
In a statement to MPs this afternoon Mr Shapps suggested that little or no data had been stolen, as he announced a probe into what happened.
Up to 272,000 service personnel may have been hit by the data breach, Mr Shapps told MPs as he set out an eight-point plan to support and protect those potentially affected.
He blamed the attack on a ‘malign actor’, but failed to confirm reports that China was behind the break-in despite saying a nation state may have been involved.
The Defence Secretary also criticised SSCL, saying there was ‘evidence of potential failings by them that may have made it easier for the malign actor to gain entry.’
Politicians and experts said the attack bore all the hallmarks of Chinese origin.
Conservative former leader Sir Iain Duncan Smith told Sky News: ‘This is yet another example of why the UK Government must admit that China poses a systemic threat to the UK and change the integrated review to reflect that.
‘No more pretence, it is a malign actor, supporting Russia with money and military equipment, working with Iran and North Korea in a new axis of totalitarian states.’
Former defence minister Tobias Ellwood told the BBC‘s Radio 4 Today programme: ‘Targeting the names of the payroll system and service personnel’s bank details, this does point to China because it can be as part of a plan, a strategy to see who might be coerced.’
It comes as president Xi visits France on a state visit, where he will hold talks with Emmanuel Macron.
The Chinese embassy in London denied involvement, saying claims of an attack were ‘completely fabricated and malicious slanders’.
Mr Shapps told the Commons: ‘In recent days the Ministry of Defence (MoD) has identified indications that a malign actor gained access to part of the Armed Forces payment network. This is an external system completely separate to the MoD’s core network, and it’s not connected to the main military HR system.
‘The House will wish to note that it is operated by a contractor and there is evidence of potential failings by them which may have made it easier for the malign actor to gain entry. A specialist security review of the contractor and their operations is under way and appropriate steps will be taken.
‘The contractor-operated system in question is held and holds personal data of regular reserve personnel and some recently retired veterans, this includes names and bank details and in a smaller number of cases addresses.
‘In response to this incident, we’ve undertaken significant and immediate action, enacting a multi-point response plan to support and protect our people.’
Up to 272,000 service personnel may have been hit by the data breach, Mr Shapps told MPs.
He set out an eight-point plan to support and protect those potentially affected.
Mr Shapps told the House of Commons he couldn’t release further details of the attack ‘for reasons of national security’.
But he added: ‘We do have indications that this was the suspected work of a malign actor and we cannot rule out state involvement.’
‘This incident is further proof that the UK is facing rising and evolving threats… the world is I’m afraid becoming somewhat more dangerous.’
Labour’s shadow defence secretary John Healey said there would be ‘serious concern’ that news of the cyber attack was reported in the media before Mr Shapps was able to update Parliament.
He added: ‘The media have clearly been briefed that China is behind the hack but the Defence Secretary only tells us about a malign actor.
‘Now, the Government rightly has a very rigorous system before official accusations or attributions are made.
‘But if this deep data breach is found to be carried out by a hostile state, it would represent a very serious threat to our national security.’
Mr Shapps replied: ‘The media release last night was coincidental and unwelcome as far as we were concerned. Unfortunately, of course, a lot of people were involved in this.’
Tory MP Bob Seely, who served in the Armed Forces in Iraq and Afghanistan, revealed to MPs that he was among the victims of the hack.
He told the Commons: ‘It is a little frustrating to be told that one’s bank details and National Insurance are winging their way to Beijing or wherever they’ve gone.
‘Considering that I was also caught up in the IPAC (Inter-Parliamentary Alliance on China) breach, I am wondering if I am currently in the running for being the most hacked MP in Britain.’
Mr Shapps responded: ‘I want to thank him for his service and I’m sorry he had to receive that phone call about what’s happened.
‘I want to stress, actually, that we do not believe the data has necessarily been stolen, so there’s a danger here of just running a couple of steps ahead.’
Sir Iain tackled Mr Shapps on refusing to name China as the malign actor in hacking incidents, and called for the country to placed in the enhanced tier of the Foreign Influence Registration Scheme.
He said: ‘We know now that the British Government were warned by the security services in America nearly two years ago that the Electoral Commission’s system was hacked and that also a number of MPs had also been hacked here in the UK.
‘We now discover that in that two-year period the Government said nothing about China’s role in all this.
‘I have a concern that, although the Government now refuses to say who it is, we may spend another two years before we ever discover or say publicly.’
He added: ‘Why in heaven’s name don’t we take the decision to place this malign actor into that enhanced place and then make sure we deal with them accordingly?’
Mr Shapps told Sir Iain he was ‘absolutely right’ on attribution with regard to the hack affecting the Electoral Commission and MPs, but added: ‘He has encouraged me at the despatch to therefore jump to the conclusion that the malign actor involved is China as well, and I’m simply unable to do that at this stage. He would expect me to follow due process.
‘I do rather support his view that, if attribution is required, that that should happen in a timely and speedy manner, and I will undertake from this despatch box to ensure that in this case that is what happens and we do not get into a situation where many months or years pass by without it being mentioned.’
The Ministry of Defence (MoD) took immediate action when it discovered the breach, taking the external network – operated by a contractor – offline.
Downing Street said the Government had also launched a security review of the contractor’s operations.
The Prime Minister’s official spokesman declined to comment on speculation about the origin of the attack ahead of the statement to the Commons by Mr Shapps this afternoon.
It comes less than two months after Chinese state-affiliated actors were blamed by the government for two ‘malicious’ cyberattack campaigns in the UK.
The two incidents involved an attack on the Electoral Commission in 2021 as well as targeted attacks against MPs sceptical of China.
In a speech made in the commons last month, Deputy Prime Minister Oliver Dowden confirmed that the Chinese ambassador would be summoned to ‘account for China’s conduct in these incidents’.
He also announced that the UK – alongside international partners including the US – would be issuing sanctions against the Chinese government.
The MoD is said to be hopeful that serving personnel will not be concerned about their safety. Those impacted by the data breach will be given advice and support tomorrow.
The contractor system is not connected to the main MoD computer systems and has been taken down with a review launched.
All salaries were paid at the last payday, with no issues expected at the next one at the end of this month, although there may be a slight delay in the payment of expenses in a small number of cases.
The MoD is said to have worked on the issue intensively over the last 72 hours to figure out how much data was exposed during the hack. It is understood that investigations have not shown any data to have been taken so far.
Up to 250,000 people could be impacted by the breach with their names and bank details amongst the information that has been compromised.
The identification of Special Forces soldiers – who are entitled to lifelong anonymity – has not been compromised according to defence sources.
The country’s President Xi Jinping is currently on a two-day state visit to France – his first visit to Europe since 2019.
Meeting with French President Emmanuel Macron yesterday, President Xi called for a ‘worldwide truce’ during the Olympic Games this summer.
The incident risks dissuading other countries with challenging relationships with China from sharing sensitive intelligence with the UK.
https://www.dailymail.co.uk/articles.rss
David Wilcock
