MoD hacked, Labour tour USA, Chinese company in Scotland under scrutiny
All the latest Westminster happenings
Hello,
As we will discuss in today’s research note, hacking has been all over the news this week. When we think about hacking, most of us probably imagine a hooded figure sitting at a laptop with a pair of sunglasses on, perhaps with a red background behind them, trying to access ‘the mainframe’ or something similar, with matrix green numbers sliding down the screen. That’s certainly the photo image the media and Hollywood love to run.
But it’s worth thinking about some of the less-discussed impacts of hacking. The Government announced a package of measures “to target and dismantle Russian intelligence gathering operations in the UK” this week, noting the Russian Federal Security Service (FSB) had been behind “hacking and leaking UK-US trade documents” among other efforts. Readers may recall these leaked (although redacted) documents ended up being wielded on live television by then-leader of the Labour Party Jeremy Corbyn during a televised debate, who used them to attack Boris Johnson’s alleged plans for the NHS.
So why does this matter in relation to the UK-China bilateral? Because as we head towards an election, it will become incredibly important for British voters not to be fed information gathered by a hostile state through illegal means. That sounds obvious, and it is - but some politicos and advisers, feeling desperate, may find themselves turning to poorly sourced information (such as that which has surfaced on Twitter/X), and Fleet Street’s own 24/7 news cycle incentives might also prove fertile ground for seeding in illegally obtained stories.
Finally, a small Beijing to Britain exclusive. Trawling through the recently published i\International Relations and Defence Committee submitted evidence on ‘Implications of the war in Ukraine for UK Defence’, I found a submission from “an IT Professional, working for the UK Defence industry, who is seriously concerned by the state of IT in the MOD." Said anonymous IT official complained that the culture in the Ministry of Defence is not conducive to a positive, world-leading environment, and they don’t have systems in place to reward expertise (a painfully familiar complaint throughout Whitehall). They also note “Far more worrying is where this places the UK with respect to its prospective adversaries. The Chinese for example take cyber resourcing very seriously…The UK is seriously in danger of being outclassed by the likes of China..." The evidence was submitted about a fortnight before a Ministry of Defence contractor was hacked. Whoops!
- Sam Hogg, Editor
What you’ll learn in this briefing note
The latest on the MoD contractor hacking
What MPs discussed in Parliament
Which Chinese company is under scrutiny in Scotland
Diplomacy Tracker
Click on the arrow next to ‘month’ to get the most recent activity.
Politics
How did you spend your Bank Holiday Monday? If you were Sky News reporter Sam Coates, you ended it standing outside the Ministry of Defence, reporting exclusively on a leaked story that China was alleged to be behind a recent hack of the department. Setting aside the fact that yet another national security story was leaked to the press before politicians and civil servants had a chance to hear it from official Government sources, the allegation centred around an effort to gain access to MoD payroll data. Per Sky News “The cyberattack was on a payroll system with current service personnel and some veterans. It is largely names and bank details that have been exposed…The contractor system is not connected to the main MoD computer systems and has been taken down with a review launched…It is understood investigations have not so far shown any data has been taken.”
As the news spread throughout the evening, a number of politicians and activists offered a view. IPAC co-chair Iain Duncan Smith tweeted “This is yet another example of why the UK Govt must admit that China poses a systemic threat to the UK and change the integrated review to reflect that. No more pretence, China is a malign actor, supporting Russia with money and military equipment, working with Iran and North Korea in a new axis of totalitarian states.” IPAC Executive Director Luke de Pulford tweeted “And PLEASE spare me the exculpatory United Front talking point BS about how “all countries snoop on each other” - and “the US does it too”. Anybody saying this has spent zero time attempting to understand Beijing’s foreign interference industrial complex and is embarrassing themselves.” SNP IPAC member Stewart McDonald tweeted “After China successfully hacked the electoral commission and targeted a group of parliamentarians - myself included - we responded with the tiniest sanctions package that I said would be read as an invitation in Beijing to do more. We must see change.” Tobias Ellwood, a Conservative MP and former Defence Committee chair, told Sky News that China "was probably looking at the financially vulnerable with a view that they may be coerced in exchange for cash". He later added that “could be argued that it would be a NATO article 5 situation.” Coates himself said in a Sky News opinion piece that “ministers look odd as the government isn't naming Beijing publicly.”
Having spoken to BBC Radio 4 on Tuesday morning, Ciaran Martin, the former head of the UK's National Cyber Security Centre (itself part of spy agency GCHQ) noted in a later Twitter thread "in this particular case, unlike plenty of other nation state cyber ops, it does not seem at this stage that any norms have been broken." He continued “There’s nothing unusual or untoward about the government not saying who they think is behind the breach at this stage. Under data protection law the government has a duty to tell those affected asap. That’s what they’re doing They don’t have to, & shouldn’t rush attribution.” Furthermore, “in this particular case, unlike plenty of other nation state cyber ops, it does not seem at this stage that any norms have been broken. This seems to be spying on our government. No one, including [the UK], has seriously tried to argue for spying on governments to be prohibited.”
Defence Secretary Grant Shapps delivered a statement in the Commons the following day. Shapps did not confirm China was behind the attack - naturally, given the reasons set out above - and set out an eight-point plan (see video above). This did not satisfy MPs - naturally. He did confirm that the company involved in the hack was Services Connected Ltd (SSCL). The most interesting contributions to the debate came from Shapps’ opposition number in Labour, the impressive John Healey MP, who asked if an inquiry would be launched into the leaking of the information to the press and why, when it had clearly been briefed to the media that China was behind the attack, the Defence Secretary would not confirm that is the case. The rest of the debate added little new or original to the equation and can be skimmed here.
Back in Fleet Street, The Telegraph’s editorial coverage of the event received a good drubbing from The Economist’s Defence Editor Shashank Joshi. The article “cites Chris Wray's comments on Volt Typhoon. That is a Chinese cyber campaign to position malware inside US critical infrastructure to enable sabotage. To conflate this with a hack of UK MoD payroll data & group both as "cyber war" is ridiculous…This is also ridiculous. "For now, the West and China are effectively at war. It’s not a war you can see and there are no civilian casualties. The attack on the MoD’s payroll is just the latest skirmish…It not only conflates a whole range of covert PRC activity - traditional espionage, threat of sabotage, population level disinformation, targeted political influence operations - but also implies MoD-type hacks are something new or recent”, said Joshi. The Guardian got an excellent scoop, revealing “The IT company targeted in a Chinese hack that accessed the data of hundreds of thousands of Ministry of Defence staff failed to report the breach for months.”