China Suspected in Major NATO Member’s Defense Hack

The Chinese government on Tuesday confirmed it was the unnamed nation state suspected of hacking the United Kingdom’s armed forces, when it released preemptive denials hours before it had been formally accused.

Britain’s defense secretary, Grant Shapps, told the House of Commons later the same day that “a malignant actor” had breached a UK defense ministry contractor responsible for payroll. The “data incident” saw the cyber actor gain access to “part of the armed forces payment network” that is separate from the ministry’s “core network,” he said.

The system holds the personal information of regular and reserve personnel, as well as that of veterans, including their names, bank details and, in some cases, addresses, Shapps said.

“Whilst our initial investigations have found no evidence that any data has been removed, as a precaution we have today alerted those service personnel affected through the chain of command,” he said.

The British government, which is attempting to balance its geopolitical competition with China against the economic benefits of its longstanding relationship, chose not to name the country behind the cybersecurity breach, which was said to have involved at least three attempts.

The UK’s Sky News, along with TheTelegraph and the BBC, reported that China was the culprit.

Earlier in the day in Beijing, the Chinese foreign ministry had already preempted London’s announcement by issuing firm denials of its involvement, calling the allegations “purely unfounded.”

“China firmly opposes and fights all forms of cyberattacks. We also firmly reject using the cybersecurity issue politically to smear and vilify other countries,” ministry spokesperson Lin Jian said.

China’s embassy in London didn’t respond to a written request for comment. In a statement on its website, the embassy called the accusation “nothing but a fabricated and malicious slander.”

“It is extremely absurd and despicable. We strongly condemn it,” it said. “We urge the UK side to stop spreading disinformation, and stop such self-staged political farces.”

Safeguarding Steps

Shapps told members that his ministry had implemented an eight-point plan to safeguard the data of the hundreds of thousands of defense personnel under its purview, including by taking the system offline and launching a review of the contractor.

“There is evidence of potential failings by them, which may have made it easier for the malignant actor to gain entry. A specialist security review of the contractor and their operations is underway, and appropriate steps will be taken,” Shapps said.

The British government didn’t say when the alleged cyberattack took place.

UK Prime Minister Rishi Sunak, who also didn’t name China, told Sky earlier that those affected by the hack would be “supported in the right way.”

In March, Britain’s National Cyber ​​Security Center accused a Chinese entity linked to the country’s State Security Ministry of hacking the UK’s elections watchdog in 2021 and 2022, potentially exposing the data of tens of millions of citizens.

China-skeptic British lawmakers were also targeted, the agency said, in a joint announcement with the US that hit the alleged Chinese hacking group with targeted sanctions.

In February, the FBI said Chinese cyber actors had infiltrated US critical infrastructure with the aim of potentially disabling key networks in wartime in a strategy known as “pre-positioning.”