The Government insisted on Tuesday that it takes cybersecurity “extremely seriously” after China reportedly targeted a database that hosts payroll details for the UK armed forces.
Work and Pensions Secretary Mel Stride said it was an “assumption” that China was responsible but said the Government was not apportioning blame after the hack emerged in recent days.
But speaking on Sky News, which first reported the incident, he stressed “our eyes are wide open when it comes to China”.
Defence Secretary Grant Shapps will be updating MPs later, but it was already apparent that the cyber attack was on a third-party contractor’s system rather than a Ministry of Defence database, Mr Stride said.
The MoD acted “very swiftly” to take the database off line, he said: “We take cybersecurity extremely seriously. Our intelligence services do, our military does as well.”
Senior Conservative MP Tobias Ellwood said the targeting of the system had all the hallmarks of a Chinese cyber attack.
The ex-soldier told the Today programme on BBC Radio 4: “Targeting the names of the payroll system and service personnel’s bank details, this does point to China because it can be as part of a plan, a strategy to see who might be coerced.”
The hack potentially compromised the bank details of all serving armed forces personnel and some veterans. A very small number of addresses may also have been accessed.
So many serious questions for the Defence Secretary on this, especially from forces personnel whose details were targeted
It is understood that initial investigations have found no evidence that data has been removed.
But affected service personnel will be alerted as a precaution and provided with specialist advice. They will be able to use a personal data protection service to check whether their information is being used or an attempt is being made to use it.
All salaries were paid at the last payday, with no issues expected at the next one at the end of this month, although there may be a slight delay in the payment of expenses in a small number of cases.
Mr Shapps is expected to blame hostile and malign actors, without naming any country.
The revelation comes after the UK and the United States in March accused China of a global campaign of “malicious” cyber attacks in an unprecedented joint operation to reveal Beijing’s espionage.
Britain blamed Beijing for targeting the Electoral Commission watchdog in 2021 and for being behind a campaign of online “reconnaissance” aimed at the email accounts of MPs and peers.
Labour’s shadow defence secretary John Healey said: “So many serious questions for the Defence Secretary on this, especially from forces personnel whose details were targeted.
“Any such hostile action is utterly unacceptable.”
In response to the Beijing-linked hacks on the Electoral Commission and 43 individuals, a front company, Wuhan Xiaoruizhi Science and Technology Company, and two people linked to the APT31 hacking group were sanctioned.
But some of the MPs targeted by the Chinese state said the response did not go far enough, urging the Government to toughen its stance on China by labelling it a “threat” to national security rather than an “epoch-defining challenge”.
Conservative former leader Sir Iain Duncan Smith told Sky News: “This is yet another example of why the UK government must admit that China poses a systemic threat to the UK and change the integrated review to reflect that.
“No more pretence, it is a malign actor, supporting Russia with money and military equipment, working with Iran and North Korea in a new axis of totalitarian states.”
The Metropolitan Police said it is not involved in any investigation at this stage.