Thousands of UK troops hit in suspected Chinese hack on defense ministry – POLITICO | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #hacker

Updating the House of Commons Tuesday afternoon, Defense Secretary Grant Shapps stopped short of directly accusing China of the attack. Beijing has angrily denied involvement.

But Sky News, which first broke the story, reported that Beijing is indeed in the frame. Previous public finger-pointing at China has come after months of work by U.K. security agencies. Officials told POLITICO’s London Playbook newsletter their work had not cleared the high bar for public attribution.

Shapps split the difference Tuesday, telling MPs the hack was “the suspected work of a malign actor and we can’t rule out state involvement.” But he said it won’t be possible to “release further details” at this point.

He said there was “evidence of potential failings” in the contractor-run payroll software which might have made it easier for a malign actor to gain access.

Speaking in the House of Commons, Shadow Defense Secretary John Healey named IT giant Sopra Steria as the parent firm of the hacked software.

Its subsidiary SSCL claims to provide core payroll, HR and pension service for 230,000 military personnel and reservists and 2 million veterans. Under questioning, Shapps confirmed the company in question is SSCL.

pl_facebook_pixel_args = [];
pl_facebook_pixel_args.userAgent = navigator.userAgent;
pl_facebook_pixel_args.language = navigator.language;

if ( document.referrer.indexOf( document.domain ) < 0 ) {
pl_facebook_pixel_args.referrer = document.referrer;

s.parentNode.insertBefore(t,s)}(window, document,'script',

fbq( 'consent', 'revoke' );
fbq( 'init', "394368290733607" );
fbq( 'track', 'PageView', pl_facebook_pixel_args );

if ( typeof window.__tcfapi !== 'undefined' ) {
window.__tcfapi( 'addEventListener', 2, function( tcData, listenerSuccess ) {
if ( listenerSuccess ) {
if ( tcData.eventStatus === 'useractioncomplete' || tcData.eventStatus === 'tcloaded' ) {

__tcfapi( 'getCustomVendorConsents', 2, function( vendorConsents, success ) {
if ( ! vendorConsents.hasOwnProperty( 'consentedPurposes' ) ) {

const consents = vendorConsents.consentedPurposes.filter(
function( vendorConsents ) {
return 'Create profiles for personalised advertising' ===;

if ( consents.length === 1 ) {
fbq( 'consent', 'grant' );
} );


Click Here For The Original Story From This Source.


National Cyber Security