China Suspected in Major NATO Member’s Defense Hack | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #hacker

The Chinese government on Tuesday confirmed it was the unnamed nation state suspected of hacking the United Kingdom’s armed forces, when it released preemptive denials hours before it had been formally accused.

Britain’s defense secretary, Grant Shapps, told the House of Commons later the same day that “a malign actor” had breached a U.K. defense ministry contractor responsible for payroll. The “data incident” saw the cyber actor gain access to “part of the armed forces payment network” that is separate from the ministry’s “core network,” he said.

The system holds the personal information of regular and reserve personnel, as well as that of veterans, including their names, bank details and, in some cases, addresses, Shapps said.

“Whilst our initial investigations have found no evidence that any data has been removed, as a precaution we have today alerted those service personnel affected through the chain of command,” he said.

Helicopters fly past with the Hong Kong and Chinese flags during a flag raising ceremony to celebrate the 25th anniversary of the city’s handover from Britain to China, in Hong Kong on July 1, 2022….
Helicopters fly past with the Hong Kong and Chinese flags during a flag raising ceremony to celebrate the 25th anniversary of the city’s handover from Britain to China, in Hong Kong on July 1, 2022. China is suspected of hacking the U.K.


The British government, which is attempting to balance its geopolitical competition with China against the economic benefits of its longstanding relationship, chose not to name the country behind the cybersecurity breach, which was said to have involved at least three attempts.

The U.K.’s Sky News, along with The Telegraph and the BBC, reported that China was the culprit.

Earlier in the day in Beijing, the Chinese foreign ministry had already preempted London’s announcement by issuing firm denials of its involvement, calling the allegations “purely unfounded.”

“China firmly opposes and fights all forms of cyberattacks. We also firmly reject using the cybersecurity issue politically to smear and vilify other countries,” ministry spokesperson Lin Jian said.

China’s embassy in London didn’t respond to a written request for comment. In a statement on its website, the embassy called the accusation “nothing but a fabricated and malicious slander.”

“It is extremely absurd and despicable. We strongly condemn it,” it said. “We urge the U.K. side to stop spreading disinformation, and stop such self-staged political farces.”

Safeguarding Steps

Shapps told lawmakers that his ministry had enacted an eight-point plan to safeguard the data of the hundreds of thousands of defense personnel under its purview, including by taking the system offline and launching a review of the contractor.

“There is evidence of potential failings by them, which may have made it easier for the malign actor to gain entry. A specialist security review of the contractor and their operations is underway, and appropriate steps will be taken,” Shapps said.

The British government didn’t say when the alleged cyberattack took place.

U.K. Prime Minister Rishi Sunak, who also didn’t name China, told Sky earlier that those affected by the hack would be “supported in the right way.”

In March, Britain’s National Cyber Security Center accused a Chinese entity linked to the country’s State Security Ministry of hacking the U.K.’s elections watchdog in 2021 and 2022, potentially exposing the data of tens of millions of citizens.

China-skeptic British lawmakers were also targeted, the agency said, in a joint announcement with the U.S. that hit the alleged Chinese hacking group with targeted sanctions.

In February, the FBI said Chinese cyber actors had infiltrated U.S. critical infrastructure with the aim of potentially disabling key networks in wartime in a strategy known as “pre-positioning.”