UK Defence Academy Attack Forced IT Rebuild – Report

A possible nation-state attack on the UK’s primary defense training facility last year forced the academy to rebuild its IT infrastructure, according to a former senior officer.

Air marshal Edward Stringer served as director-general of joint force development and of the UK Defence Academy before recently retiring.

The academy trains nearly 30,000 UK armed forces personnel annually, alongside civil servants and military staff from other nations.

However, it was caught out by a cyber-attack last March, which had “significant” operational consequences, Stringer told Sky News.

Although no sensitive information is thought to have been stolen, teaching was disrupted as courses moved online due to the pandemic.

“It doesn’t look like a violent attack, but there were costs. There were costs to ... operational output. There were opportunity costs in what our staff could have been doing when they were having to repair this damage,” Stringer said.

“What could we be spending the money on that we’ve had to bring forward to rebuild the network? There are not bodies in the streets, but there’s still been some damage done.”

That rebuilding process appears still to be in progress, with a note on the current Defence Academy website stating: “new website coming soon … please bear with us while we continue to update our site … check back soon for updates.”

The IT systems at the academy, including website maintenance, are reportedly managed by outsourcing provider Serco.

While China, Russia and other hostile nations would undoubtedly have had the motivation to launch an attack, Stringer fell short of attributing it to state-backed operatives.

“It could be any of those or it could just be someone trying to find a vulnerability for a ransomware attack that was just, you know, a genuine criminal organization,” he reportedly said.

What’s Hot on Infosecurity Magazine?