Would You like a feature Interview?
All Interviews are 100% FREE of Charge
Data breaches from the UK Ministry of Defence have increased five-fold, or nearly 400 percent, over the past five years, raising concerns about the UK’s resilience to cyber attacks from Russia and China.
An analysis of Ministry of Defence figures revealed that there were 550 data incidents last year, compared with 117 in 2017-2018.
At the same time, ministers revealed that the Information Commissioner’s Office is investigating three Ministry of Defence personal information cases.
Both the Conservatives and Labour have made national security central to their election campaigns amid growing signs of instability globally and potential threats from Russia, China, North Korea and Iran.
this is, I Last week they warned that the UK general election could be undermined by cyber attacks and AI deepfakes originating from these hostile countries.
While many of the data breaches involve unauthorized disclosures by department employees, they raise concerns about the department’s core security following recent targeted cyber attacks suspected to have been carried out by China.
Labour argued the figures showed the Conservatives had a “soft approach to cyber security”, with Prime Minister Keir Starmer’s government promising to “make the UK safer”.
But Rishi Sunak has challenged Labour on national security, claiming in a speech before the general election was announced on 4 July that Starmer’s “past actions”, including his support for Jeremy Corbyn as Prime Minister, meant he would not be able to keep the country safe if he were in Downing Street.
Earlier this month it was revealed that the Ministry of Defence’s payroll system, run by a third-party contractor, SSCL, had been the victim of a major hack blamed on China.
In a letter to Shadow Cabinet Office Minister Pat McFadden, IDeputy Prime Minister Oliver Dowden said the Government had stepped up security measures in its procurement processes following the Ministry of Defence cyber hack.
According to the MoD’s own figures, there were 117 data breaches in 2017-18, of which 73 were unauthorised disclosures, 22 were losses of electronic devices or documents within maximum security government buildings, 11 were losses of equipment or documents outside government premises, four were unsecure disposal of documents and seven were other breaches.
In 2022-23, there were a total of 550 violations, an increase of 370 percent, of which 464 were for unauthorized disclosure, 27 for loss of equipment or documents within government facilities, nine were external, one for unsecure disposal of documents and 49 were listed as other violations.
The ICO fined the Ministry of Defence £350,000 in 2023 after an email data leak exposed the details of 265 people after the Taliban took control of Afghanistan in 2021.
Britain’s Information Commissioner said the email error led to threats to life.
Earlier this month, Defence Minister Andrew Murrison said in a written response that the ICO had “currently three outstanding personal information cases relating to the Ministry of Defence”, but did not provide details about their nature.
Shadow defence secretary John Healey said: “The Ministry of Defence’s data security record is worsening and threats to the UK continue to increase. MoD data breaches have tripled in the last five years.”
“Conservative ministers have taken a lax approach to cyber security. The next Labour government will make Britain’s security a priority.”
Defence Secretary Grant Shapps announced this month that he would be holding an urgent House of Commons inquiry into the massive cyber attack on the Ministry of Defence payroll, as well as a wider investigation into SSCL’s contracts with the Ministry of Defence and other Whitehall departments.
In his letter to McFadden, Dowden said: “Cyber resilience for government and the public sector is at the core of our national posture and strengthening cyber resilience across the country is vital to achieving our national and international security objectives.”
He said the Cabinet Office had taken a number of steps to ensure a “minimum level of security” in procurement contracts across Whitehall, including measures for the “highest possible data security requirements” in dealings with third-party contractors.