Cyberattack Suspected to be State-Sponsored Exposes UK Armed Forces Payroll

Amidst growing concerns over cybersecurity vulnerabilities, suspicions of state involvement have arisen following a significant breach in the UK’s armed forces payroll system, prompting diplomatic tensions and calls for enhanced security measures. Here’s the full story.

Online Shift

Image Credit: Shutterstock / Bumble Dee

In yet another sign of the shift of espionage activity to the online realm, a recent significant breach in the UK’s armed forces payroll system has come to light.

270,000 Records

Image Credit: Shutterstock / smolaw

The breach exposed approximately 270,000 payroll records of active, reserve, and veteran military members to malignant foreign state actors. 

Third-Party

Image Credit: Shutterstock / HJBC

The payroll records were managed by a third-party contractor, SSCL, a privately owned French company Sopra Steria subsidiary.

Deeply Embarrassing

Image Credit: Shutterstock / Mehaniq

The sheer scale of the breach is deeply embarrassing for the government, as the hackers accessed incredibly sensitive information, including the names, bank details, and addresses of serving personnel, reservists, and veterans. 

Many Suspect China

Image Credit: Shutterstock / Gorodenkoff

While government officials have been at pains not to name who they suspect may be behind the hack, suspicions have been widely discussed, with China emerging as the primary suspect. 

“Malign Actor”

Image Credit: Shutterstock / Alexandros Michailidis

Grant Shapps, the Defence Secretary, refused to lay the blame at China’s door, cautiously suggesting only the involvement of a “malign actor.”

“National Security”

Image Credit: Shutterstock / Poetra.RH

Shapps added, “For reasons of national security, we can’t release further details of the suspected cyber-activity behind this incident.”

Naming and Shaming

Image Credit: Shutterstock / Salivanchuk Semen

Despite the government’s reticence to name the country many believe is behind the hack, others on the government benches were considerably less concerned with naming and shaming the accused.

“Does Point to China”

Image Credit: Shutterstock / William Barton

Speaking to BBC Radio 4’s Today programme, Tobias Ellwood, who was previously the chair of the Commons Defence Committee, stated, “Targeting the names of the payroll system and service personnel’s bank details, this does point to China because it can be as part of a plan, a strategy to see who might be coerced.”

“Anti-China Political Farce”

Image Credit: Shutterstock / Aritra Deb

For its part, China has vehemently denied that it was behind the hack. A Chinese embassy spokesperson stated, “We urge the relevant parties in the UK to stop spreading false information, stop fabricating so-called China threat narratives, and stop their anti-China political farce.”

Questions Raised

Image Credit: Shutterstock / Tupungato

The government has been attacked for its handling of the data breach, and serious questions have been raised about its preparedness and accountability for cyber security threats. 

No Strategy

Image Credit: Shutterstock / Eric Johnson Photography

John Healey, the shadow Defence Secretary, claimed that the hack and the government’s reluctance to blame China showed that the government had “no cross-government China strategy”, leaving the UK open to more similar hacks from Beijing. 

“Evidence of Failings”

Image Credit: Shutterstock / Alexandros Michailidis

Concerns were also raised about the suitability of the contractor SSCL, who was handling the military records. Grant Shapps told the Commons that there was “evidence of failings” in the recently privatised company. 

Review Launched

Image Credit: Shutterstock / PeskyMonkey

The breach has led the Ministry of Defence (MoD) to launch a review of SSCL’s operations, and the Cabinet Office is conducting its own review of the company’s work for other government departments. 

Credit Checks

Image Credit: Shutterstock / Andrey_Popov

While the extent of the security breach remains unclear, measures have been taken to mitigate any potential risks to armed forces personnel. The government is offering credit checks for those affected to ensure that their bank data is not accessed. 

Fool Me Once 

Image Credit: Shutterstock / amgun

This is not the first time China has been publicly or privately blamed for breaches in the UK’s online security. 

Electoral Commission Attack

Image Credit: Shutterstock / chrisdorney

The government recently publicly blamed China for a cyber attack on the Electoral Commission in August 2021 that breached the data of millions of voters on the electoral register. 

“No More Pretence”

Image Credit: Shutterstock / Drop of Light

China’s perceived bullish attitude to the cyber-attacks has proven too much for some Conservative MPs, with Ian Duncan Smith stating, “No more pretence, China is a malign actor, supporting Russia with money and military equipment, working with Iran and North Korea in a new axis of totalitarian states.”

Proliferation of Cyber Attacks

Image Credit: Shutterstock / Max Acronym

The government has previously appeared slow to realise the pervasive threat posed by cyber-attacks on UK institutions, though its long-term defence strategy paper did note that as a tactic, the use of “commercial spyware, ransomware, and offensive cyber capabilities by state and non-state actors has proliferated.”

Inherent Weakness

Image Credit: Shutterstock / e-crow

The Armed Forces payroll data breach has brought to the forefront the inherent weaknesses of the modern, always-online world, particularly regarding online government information. 

Genuine Risks

Image Credit: Shutterstock / Standret

While the ease of buying and selling, tracking customers for ads and tailoring online experiences that make users more likely to buy products have been invaluable for businesses, there are still genuine risks when adversarial states or hackers looking for money misuse these systems.

Uncertain Future

Image Credit: Shutterstock / Gorodenkoff

However, what this hack might mean for the UK’s online security in the future remains to be seen.

The post Cyberattack Suspected to be State-Sponsored Exposes UK Armed Forces Payroll first appeared on 365 News.

Featured Image Credit: Shutterstock / William Barton.

Leave a Comment