UK Ministry of Defence hit by major cyber-attack

The UK’s Ministry of Defence payroll system –  managed by external provider SSCL –  has been hacked, exposing sensitive details of 270,000 armed forces personnel.

Sky News has reported that Whitehall sources are blaming the Chinese state for the attack. However, the UK government has not publicly named China as the perpetrator and the country’s government has denied any involvement.

The cyber-attack appears to have compromised the personal information of current and former Royal Navy, Army, and Royal Air Force members. The data included names, bank details, and, in some cases, addresses.

The MoD has responded swiftly, taking the compromised system offline and launching an investigation to ascertain the extent of the breach.

In a statement to the House of Commons today, UK Defence Secretary Grant Shapps named SSCL as the contractor providing the affected software. SSCL – a subsidiary of Paris-based tech company Sopra Steria – also provides critical business support services for the government, the Metropolitan Police Service, and the Construction Industry Training Board (CITB).

While initial assessments indicate no data has been exfiltrated, the incident has sparked serious concerns about the security of supply chains and the susceptibility of critical sectors to cyber espionage, potentially leading to further breaches.

The MoD is notifying affected individuals and has assured them that no operational data has been compromised.

Shapps also presented an eight-point plan in response to the cyber-attack in a statement to the House of Commons.

The plan consists of several measures, including securing the affected system, launching an investigation, providing personal data protection monitoring, reviewing MoD networks, and offering specialist advice and a helpline.

While Shapps did not name a specific party responsible for the attack, he did suggest, “We cannot rule out [hostile] state involvement.”

Supply chain

Ian Nicholson, incident response head at cyber firm Pentest People, has emphasised the importance of bolstering defences, particularly in supply chains, to prevent future breaches.

“Cyber adversaries are increasingly targeting supply chains due to their interconnected and often less-secured nature, posing significant risks to organisations, particularly in critical sectors like defence,” he said.

“By conducting comprehensive vendor assessments, imposing stringent contractual requirements, implementing enhanced access controls, maintaining real-time monitoring, and integrating incident response strategies, organisations can fortify their defences and safeguard critical sectors such as defence.”

Stay informed with all of the latest cyber security news on TechInformed