A cyberattack on the UK’s Defence Academy last March caused “significant” damage, a retired senior British military officer has revealed.
Air Marshal Edward Stringer, who served as director-general of joint force development and led the military’s thinking on the future of warfare, told Sky News that the attack forced the Defence Academy to rebuild its network.
“The consequences for the operations were significant, but then manageable,” Stringer said in his first television interview since leaving the military in August 2021.
He said the perpetrators could have been cyber criminals or a hostile state such as China, Russia, Iran, or North Korea.
“It could be any of those or it could just be someone trying to find a vulnerability for a ransomware attack that was just, you know, a genuine criminal organization,” Stringer said.
The school, based in Shrivenham, Oxfordshire, teaches 28,000 military personnel, diplomats, and civil servants a year.
Stringer said “unusual activity” by “external agents” was first discovered by contractors working for outsourcing company Serco and “alarm bells” started ringing.
A primary concern had been if the hackers had tried to use the Defence Academy as a “backdoor” to penetrate much more secret parts of the IT systems of the Ministry of Defence (MoD).
But Stringer said the attack wasn’t successful and he was “quite confident” that there had not been any other breaches beyond the academy.
An MoD spokesperson was quoted by Sky News as saying: “In March 2021 we were made aware of an incident impacting the Defence Academy IT infrastructure. We took swift action and there was no impact on the wider Ministry of Defence IT network. Teaching at the Defence Academy has continued.”
The Chinese regime, one of the suspects in the attack, has been escalating its cyber offensive against the West, despite efforts from the United States, the UK, and their allies to stop it.
The U.S. government revealed in July 2021 that hackers affiliated with China’s top intelligence agency, the Ministry of State Security (MSS), breached Microsoft’s email server, affecting tens of thousands of systems globally.
Also that month, the Justice Department announced the indictment of four Chinese nationals working with MSS, charging them in relation to “a worldwide hacking and economic espionage campaign led by the government of China.” The campaign involved stealing secrets from companies, universities, and government bodies from 2011 to 2018.
In a statement before the Senate Homeland Security and Governmental Affairs Committee last September, FBI Director Christopher Wray said that the agency is “opening a new China counterintelligence investigation every 12 hours.”