The UK government is investigating a suspected cyberattack by China on the Ministry of Defence's (MoD) armed forces payroll system. While Defence Secretary Grant Shapps will not explicitly accuse China in his upcoming address to MPs, he will highlight the broader threats of cyber espionage by hostile nations.
The breached system, which was managed by an external contractor, contains sensitive information including names, bank details, and in some instances, personal addresses of armed forces personnel. Although there is currently no evidence that the data was extracted from the system, the government is proceeding cautiously as if it were.
The MoD has been working diligently over the past 72 hours to determine the extent of the hack after its recent discovery. Despite intensive investigations, there has been no indication so far that any data was actually removed. This uncertainty could lead to concerns among other nations with strained relations with China about sharing sensitive intelligence with the UK.
This incident follows close on the heels of two "malicious" cyberattack campaigns in the UK, for which the government has blamed "state-affiliated actors" from China less than two months ago.
The investigation into this significant security lapse is still in its preliminary phases. Accurately identifying and publicly accusing the perpetrators can often take a considerable amount of time, sometimes even years. Consequently, China is unlikely to be formally identified as the culprit at this stage.
However, given Beijing's history of similar cyber activities, suspicions are leaning towards China. The affected service members will soon receive detailed information from the government about the breach. They will be advised on potential fraud risks, although the immediate concern is not believed to involve threats to their personal safety.
Read more about the story in the full report by Sky News.
