Suspected Chinese hack of Britain’s Ministry of Defence linked to contractor, minister confirms

That has upset a noisy element among the government’s own MPs, many of whom see China as a major threat to UK security and would prefer the government to be more explicit about this.

In March, China was blamed for a cybercampaign targeting MPs. Not long after, two Parliamentary aides were charged with spying for China under the Official Secrets Act. In political circles, at least, the theme is now well-defined: The Chinese state has long tentacles, and the British state and politicians are in its sights.

Separately, the UK and several of its allies recently accused China of targeting critical infrastructure through the Volt Typhoon hacking campaign.

Third-party compromise unknown

A more unusual aspect of the latest incident is that a senior minister has so quickly connected a compromise affecting government systems to a third party.

Shapps only confirmed the contractor involved in Parliament when the Labour Party’s shadow defence secretary John Healey named the company as Shared Services Connected Ltd (SSCL), which operates the MOD payroll contract in addition to many others across the government.

What is not yet known is the nature of the issue that led to the incident nor how much data was accessed. That might only become apparent many months later, assuming any investigation into the incident is ever made public.