The United Kingdom is grappling with an escalating cyber war as suspicions point towards China's involvement in a recent hack of the Ministry of Defence's (MoD) payroll system. The breach, which compromised sensitive details of armed forces personnel, has raised concerns about the growing threat posed by China's sophisticated cyber espionage operations.
While the government has not officially named China as the culprit, Defence Secretary Grant Shapps told MPs that there were indications the hack "was the suspected work of a malign actor" and that state involvement could not be ruled out. The BBC reported that ministers suspect China was responsible for the attack.
China has strongly denied these allegations, with the Chinese embassy in the UK describing the suggestion as a "fabricated and malicious slander." A spokesman urged the UK to "stop spreading false information, stop fabricating so-called China threat narratives, and stop their anti-China political farce."
The hack has exposed the vulnerability of even the most sensitive government systems to cyber attacks. The compromised payroll system, operated by an external contractor, contains personal information, including names and bank details, of current and former members of the Royal Navy, Army, and Royal Air Force spanning several years.
Prime Minister Rishi Sunak, while not directly naming China, acknowledged that a "malign actor" had compromised the system and stated that the government was reviewing the security of the unnamed contractor's operations.
The incident comes amid growing concerns about China's cyber espionage activities targeting Western nations. Ken McCallum, MI5's director general, disclosed in July 2022 that the number of operations being run by his intelligence agency against China had increased sevenfold in just four years, with MI5 doubling the size of its China mission to combat the threat.
In the US, FBI director Christopher Wray recently warned that China had already infiltrated critical infrastructure sectors, such as energy, water, and communications, and was waiting "for just the right moment to deal a devastating blow."
China's Ministry of State Security (MSS) has developed sophisticated cyber hacking operations that rival Western intelligence agencies. The National Cyber Security Centre (NCSC), a branch of MI5, has identified numerous Chinese hacking groups, such as APT 31, which has been active for over a decade and has been linked to attacks on the UK's Electoral Commission, US elections, and Microsoft systems.
Conservative MPs have expressed concern about the growing threat from China. Tobias Ellwood, former chairman of the Commons Defence Committee, pointed to China's previous attempts to gain information from ex-RAF pilots and suggested that the payroll system hack could be part of a strategy to identify individuals who might be coerced.
Iain Duncan Smith urged the government to admit that China poses a threat to the UK, stating, "No more pretence, China is a malign actor, supporting Russia with money and military equipment, working with Iran and North Korea in a new axis of totalitarian states."
