We now know China targeted the MOD – the question is, what to do about it

Democracies have been complacent about a vast amount of data harvested by Chinese hackers over recent decades, thinking – in the words of a defence attache in Beijing – that they didn’t have the brains or the manpower to do much with it.

Artificial intelligence has changed all that. It targets exactly the kinds of big data sets found in the hack of an armed forces payroll system operated by a private contractor for the Ministry of Defence, which contained personal information such as bank details and addresses.

The defence secretary Grant Shapps did not name China when he spoke in the House of Commons about the breach, talking only of “a malign actor”. But across Westminster and Whitehall, there is little doubt who it was: the argument is what to do about it. None of the options are easy.

For these are not the idle days of the late 1990s or David Cameron’s “golden era”, when defence attaches might underestimate their Chinese opponents much as their forebears scorned imperial Japan’s airmen and sailors until Pearl Harbor.

China has grown a sophisticated, polylingual cadre of specialists at universities and military academies, drawing on talents honed in online gaming at home and on campuses in the West, allowing them to catch up fast. It bans much of the internet for its citizens but the geeks get to use anything they want.

Just as China’s carmakers stunned competitors by turning out electric vehicles that are cheaper and better than their rivals, its intelligence analysts seized on the development of machine translation aided by AI to accelerate their use of hacked information. This happened so fast that distracted leaders in the democracies barely thought about it.

There are two malign consequences.

First, the portals are open for a skilled new generation of Chinese cybersleuths trained by its Ministry of State Security (MSS) to apply the totalitarian methods perfected during the Covid-19 pandemic to sift and link up people, places and transactions through their online activity. It is not just a domestic exercise but a global campaign.

The threat to Chinese people living in the United Kingdom, such as recent arrivals from Hong Kong, is obvious. So is the MSS’s increasingly effective pressure on dissidents and fugitives whose family members are left behind in the People’s Republic.

Its exploitation and blackmail of greedy or foolish politicians and their hangers-on are well documented. From time to time, a scandal breaks: the MSS does not care. It has no reputation for rescuing its own officers and can easily write off the occasional foreign asset without a thought.

The second peril lies in the past. Chinese hackers were found to be scooping up data from the protest movement of 2015 in Hong Kong – a move which shocked student activists and alerted foreign intelligence services to their cyber prowess.

Well before that, the state had collected reams of material by eavesdropping, security cameras and old-fashioned pre-app surveillance. This data has never been dumped. It has been conserved and can be worked on to reveal secrets long thought safe.

Compared to their opponents in the democracies, the MSS can call on practically limitless reserves of people to do such operations which most Western services would rule out for lack of resources.

The West knows all this from its own spy folklore. In 1943, the United States began collecting coded messages from Soviet agents back to Moscow. They could not be read until cryptologists cracked the code after the Second World War and began working through the Venona transcripts. They led to the arrest of the British atomic spy Klaus Fuchs and death sentences for the Soviet agents Julius and Ethel Rosenberg in America.

What to do? The CIA’s chief William Burns recently said that his agency was rebuilding its networks in China after a disastrous set of exposures and executions just as Xi Jinping came to power 12 years ago. That was either unwise or well calculated because Xi lives in a world of paranoia.

It was notable that on his visit to France, Serbia and Hungary this week, one of the closest figures in his retinue was a ghoul named Cai Qi, who at 68 has risen from obscure provincial tasks to take overall charge of the security state and may be the second most powerful man behind the leader himself. Paranoid or not, there is no complacency in Beijing.

Michael Sheridan’s new biography of Xi Jinping, ‘The Red Emperor’, will be published by Headline Books this summer. Formerly diplomatic editor of The Independent and Far East correspondent of The Sunday Times, he is also the author of ‘The Gate to China’, an acclaimed history of Hong Kong (2021)