Cyber breaches in defence sector reaches unprecedented levels

An unprecedented number of security incidents were reported to the Ministry of Defence during the last 12 months, according to a heavily redacted government document obtained by Sky News.

Sky News previously revealed the MoD and its partners failed to protect military and defence data in 37 incidents throughout the whole of 2017, with military data exposed to state-level cyber risks on dozens of occasions. This included defence information being left unprotected to foreign states' surveillance of internet traffic, and checks not being performed to spot sophisticated espionage malware on computer devices.

Similar incidents took place between the start of January 2018 and 10 October the same year, when the MoD recorded 34 reports, compared with 33 in the same period in 2017. However, the flurry of reports recorded in a MoD initial actions document has soared to 64.

Half a dozen of the partially redacted incidents relate to cabinets, doors or computer server racks being left unlocked, but the vast majority of the incident reports have been completely redacted by lawyers, who told Sky News that details about these incidents were exempt from being released as they 'would be likely to increase the risk of a cyber attack' against the MoD.

A spokesperson for the Ministry of Defence told Sky News: "The MoD takes the security of its personnel, systems and establishments very seriously but we do not comment on specific security arrangements or procedures."

Ciaran Martin, the head of the National Cyber Security Centre, has previously said it is a matter of when, rather than if, the UK is hit by a so-called category one cyber attack.


View the latest
digital issue