State involvement in MoD cyber attack cannot be ruled out, Grant Shapps says

7 May 2024, 19:44

Grant Shapps
Budget 2024. Picture: PA

The Defence Secretary said there is evidence of ‘potential failings’ of the contractor behind the hacked payroll system, named as SSCL in Parliament.

Grant Shapps has said that “state involvement” in the large-scale cyber attack on the Ministry of Defence (MoD) cannot be ruled out amid speculation China carried out the hack.

The Defence Secretary said there is evidence of “potential failings” of the contractor operating the payroll system that was hacked, “which may have made it easier for the malign actor” to gain access to the bank details of service personnel and veterans.

Labour’s shadow defence secretary John Healey named the contractor as SSCL.

The firm says it provides business process services to 22 government departments and agencies and is responsible for paying 550,000 public servants.

Confirming the contractor was SSCL, Mr Shapps said he had asked for a review of the company’s work across government.

Up to 272,000 service personnel may have been hit by the data breach, Mr Shapps told MPs.

He set out an eight-point plan to support and protect those potentially affected.

The Cabinet minister declined to identify the culprit, telling the Commons: “For reasons of national security, we can’t release further details of the suspected cyber activity behind this incident.

“However, I can confirm to the House that we do have indications that this was the suspected work of a malign actor and we cannot rule out state involvement.”

He also said: “We’ve launched a full investigation, drawing on Cabinet Office support and specialist external expertise to examine the potential failings of the contractor and to minimise the risk of similar incidents in the future.”

Initial investigations have found no evidence that any data has been removed, but affected armed forces personnel have been alerted as a precaution.

The payment network is “an external system completely separate to the MoD’s core network”, Mr Shapps stressed.

The system holds personal data – including names, bank details and some addresses – of regular reserve personnel and some recently retired veterans.

Changes are being made to the system to ensure it is secure before payments are recommenced, the Defence Secretary said.

The senior Tory apologised “to the men and women who are affected by this”, adding “it should not have happened”.

SSCL says on its website that it plays a “central role in delivering the MoD’s vision to transform core payroll, HR and pension services” for 230,000 military personnel and reservists and two million veterans.

The firm, a subsidiary of the Paris-based tech company Sopra Steria, says it processes more than £363 billion in payments each year, 6.77 million transactions and 1.5 million invoices.

The company, which says its “vision is to empower the UK public sector with digital solutions and innovative services”, also processes 1.2 million recruitment applications a year.

Prime Minister Rishi Sunak earlier also declined to say who was behind the cyber attack, but said the UK is taking the powers necessary “to protect ourselves against the risk that China and other countries pose to us”.

Rishi Sunak visit to London businesses
Prime Minister Rishi Sunak said there were ‘indications that a malign actor’ had compromised the payroll database (Kin Cheung/PA)

Conservative former leader Sir Iain Duncan Smith said he was “concerned” the Government was not able to point the finger at China.

“I think the Government is a bit conflicted about this,” he told Sky News, claiming the Foreign Office did not want to “upset China”.

“The truth is we know that China is the malign actor they’re referring to.”

A spokesperson for the Chinese embassy said claims Beijing was behind the attack were “completely fabricated and malicious slanders”.

They said: “China has neither the interest nor the need to meddle in the internal affairs of the UK.

“We urge the relevant parties in the UK to stop spreading false information, stop fabricating so-called China threat narratives, and stop their anti-China political farce.”

Labour’s Mr Healey said: “The MoD’s data security record is getting worse while threats against the UK rise – with a three-fold increase in MoD data breaches over the last five years.

“Such flaws in our cybersecurity must be fixed.”

The revelation of the MoD data breach comes after the UK and the US in March accused China of a global campaign of “malicious” cyber attacks in an unprecedented joint operation to reveal Beijing’s espionage.

Britain blamed Beijing for targeting the Electoral Commission watchdog in 2021 and for being behind a campaign of online “reconnaissance” aimed at the email accounts of MPs and peers.

The Metropolitan Police Service (MPS) also uses SSCL as payroll network provider.

The Met said: “There is currently no evidence to suggest that there has been any compromise of the MPS payroll service.”

By Press Association

More Technology News

See more More Technology News

Cyber attack at major London hospitals

Hundreds of operations and appointments cancelled in week after NHS cyber attack

Labour said it would also ban the creation of sexually explicit deepfakes (PA)

Labour commits to introducing AI regulation for tech giants

Daniel Bedingfield

Pop star Daniel Bedingfield praises AI for capturing ‘soul’ of his music

Elon Musk, CEO of Tesla and SpaceX (PA)

Elon Musk says Tesla shareholders will vote to approve pay deal

Person wearing an Apple watch on their left wrist

Smart watches could help track Parkinson’s disease progression – study

A person's forefinger poised on the keyboard of a laptop computer

Gaming giant Steam facing £656m legal claim for ‘overcharging’ UK gamers

A group of schoolchildren standing around

Most children cannot name MP and fifth get political news from TikTok – survey

A person using a keyboard to sign into the X website on a laptop

Elon Musk confirms X will start hiding likes on posts

A technician working at Currys' Repair Centre in Newark, Nottinghamshire

Currys working to improve consumer trust in refurbished and repaired tech

Raspberry Pi 4 micro computer launch

Raspberry Pi shares jump 40% after London IPO

Apple WWDC event

Apple unveils generative AI assistant for iPhone, iPad and Mac at conference

ChatGPT on a MacBook

Apple keen on more deals with AI chatbots after link-up with ChatGPT

Elon Musk during an ‘in-conversation’ event

Elon Musk says he could ban Apple devices at his companies over OpenAI deal

Apple Intelligence writing tools

Apple Intelligence is ‘promising first step’ for firm’s AI tools, experts say


Genetics testing company 23andMe facing investigation over data breach

Apple Intelligence

Apple Intelligence: Tech giant unveils its new flagship generative AI tools