
Suspected Chinese hackers have hacked into a British defense contractor

Up to 270,000 defense staff across Britain affected by hack

Akshaya Asokan (asokan_akshaya) • May 7, 2024

Secretary of State for Defense Grant Shapps addressed the House of Commons on May 7, 2024. (Image: Shutterstock)

Sensitive information belonging to thousands of UK defense personnel was exposed to hackers after a threat actor with suspected links to the Chinese government compromised a defense contractor’s networks.


Defense Secretary Grant Shapps told the House of Commons on Tuesday that the hack stemmed from an attack on defense contractor SSCL. It affected about 270,000 individuals, but the number of staff whose data was compromised by the hackers could be lower, he said.

“While we don’t think data is necessarily being stolen, the government believes this has been done to ensure they receive the support they need,” Shapps said, adding that the government has ordered a full review of SSCL's contracts with the ministry. SSCL did not immediately respond to a request for comment. The company bills itself as the “largest provider of critical business support services” to the UK government and military.

The government is working with investigative agencies to determine the cause of the hack, Shapps said.

He did not immediately identify the threat actor, stating that “while there is a malicious campaign actor involved, we have yet to make the connection.”

Speaking to Sky News, British Conservative lawmaker Tobias Ellwood said the attack on the Ministry of Defense was likely carried out by Chinese nation-state hackers.

The outlet reported that the attacks stemmed from a payroll application used by the ministry that was targeted by the attackers at least three times. The affected servers, which were not connected to the ministry’s main server, have been taken offline, Sky News reports.

The Guardian reported that the exposed data included names, salary information and national security numbers. Hackers may not have stolen the affected data.

A spokesperson for the UK Information Commissioner’s Office told Information Security Media Group that the “Ministry of Defense has made us aware of this incident and we are assessing the information provided.”

The British government’s revelation comes months after British Deputy Prime Minister Oliver Dowden publicly attributed an attack on the Inter-Parliamentary Alliance on China – an international pressure group of lawmakers working to counter Beijing – to APT31 (see: UK reveals Chinese espionage activities).

Also known as Violet Typhoon and Judgment Panda and active since at least 2017, the group carries out espionage attacks. US federal prosecutors in March indicted seven Chinese nationals whom they accused of working as contractors for a front company used by APT31 (see: US sues APT31 Chinese hackers for hire).

In 2023, the British government revealed that an unknown Chinese actor was behind the attacks on the British Electoral Commission, which led to hackers copying electoral register files (see: The British Electoral Commission faced a ‘complex’ hack in 2021).

Ciaran Martin, former head of Britain’s National Cyber Security Center, said the incident falls within the norms of international cyber espionage activities. “Unlike many other national cyber operations, it does not appear at this stage that any norms have been breached,” Martin said. “This looks like espionage by our government. No one, including Britain, has seriously tried to argue for a ban on spying on governments.”