Stringer spoke about the incident in a television interview with Sky News. This is the first time a senior official, albeit retired, has spoken about the cyber attack.
Defence Academy Incident Possibly a “Grey-Zone” Attack
In 2021, Serco Group, the company that manages the Defence Academy’s network infrastructure, detected the breach and informed the Academy. The National Cyber Security Centre (NCSC) was also made aware of the attack. Stringer said the academy was “immediately alert” to the possibility of a cyber attack by a nation-state. Currently, nation-state-backed cyber attacks fall under the category of “grey-zone” attacks. Such attacks do not usually escalate to the level of full-blown warfare.
As of now, the threat actor’s identity is not public knowledge. When asked about potential suspects, Stringer stated that countries like China, Iran, Russia, and North Korea possessed the capabilities to conduct a grey-zone attack. However, Stringer added that it could also be the work of a cybercrime organization looking for a vulnerability for a ransomware attack.
The MOD’s Defence Academy is based in a large campus in Oxfordshire. The Academy educates approximately 28,000 officers, including military personnel, civil servants, and diplomats, every year.
Defence Academy Attack Had “Significant but Manageable” Consequences
Speaking about the consequences of the attack, Stringer claimed that while it was not “violent,” it had other costs. “There were costs to… operational output. There were opportunity costs in what our staff could have been doing when they were having to repair this damage,” Stringer said. “And what could we be spending the money on that we’ve had to bring forward to rebuild the network? There are no bodies in the streets, but there’s still been some damage done.”
One of the significant concerns was whether the actor used the Academy’s networks to breach the MOD’s IT systems. Stringer said that he was quite confident that the attack did not go beyond the Academy’s systems. Additionally, there were worries about potential personal data leaks. However, reports claim the network did not hold any sensitive information.
Teachers and students were among the most affected since the Academy’s IT infrastructure had to be examined and consequently rebuilt.