'Malign actor' behind cyberattack on MoD, Shapps says

"We cannot rule out state involvement," defence secretary says after payroll system hack
Photo: Justin Ng/Alamy Live News

By Zoe Crowther

08 May 2024

The government suspects a "malign actor" was responsible for a cyberattack on a database containing the details of military service personnel, defence secretary Grant Shapps has confirmed.

Although Shapps said they would not release further details at this stage "for reasons of national security", there are multiple reports that government sources suspect China is behind the hacking. 

"I can confirm to the House that we do have indications that this was the suspected work of a malign actor and we cannot rule out state involvement," Shapps told the House of Commons yesterday afternoon.

"This incident is further proof that the UK is facing rising and evolving threats and, as I set out in my speech in Lancaster House in January, the world is becoming somewhat more dangerous.

"Last month the government therefore announced an increase in defence spending to meet these new threats reaching 2.5% of GDP by the end of the decade."

Shapps apologised to the people affected by the cyberattack and said that while it was not the Ministry of Defence's own systems that had been hacked but one which was provided by a third party contractor, there was "evidence of potential failings" by this contractor that warranted an immediate security review of the contractor and their operations. 

"Following this incident, I can also announce today that although this incident is entirely unrelated to our own MoD networks, we are also reviewing all personnel data to ensure our people's data is secure," he continued.

Earlier in the day, a No.10 spokesperson said that "we are clear that China is a state-based threat to our economic security", with the UK having previously seen threatening behavior "that we will not stand for".

In response to Shapps's statement, Labour's shadow defence secretary, John Healey, welcomed the government's plans to protect the servicemen and women's details going forward, but criticised the way the hack had been briefed to the media before those involved were informed.

"My overriding concern is for the safety of serving personnel and veterans affected, worried about the risk to them and their families, hearing first about the data being hacked from the media and not from the MoD," he said.

"Our military put their own security at risk when they serve on the frontline and the very last thing they should have to worry about is their data security back home."

Healey added that since subcontractors were "well-known as the soft underbelly of security", this latest hack would raise serious questions about how the MoD manages its outsourced services.

The Labour MP also chose to name China as having been briefed as the perpetrator behind the hack, saying that if this was found to be the case, "it would represent a very serious threat to our national security".

China's foreign ministry said it "firmly opposes and fights all forms of cyber attacks" and "rejects the use of this issue politically to smear other countries".

Zoe Crowther is a journalist for CSW's sister title PoliticsHome, where this story first appeared

Read the most recent articles written by Zoe Crowther - Spring Budget 2024: What we know so far

Share this page