UK refreshes national security plan to stop more of China's secret-stealing cyber-tricks

Britain's domestic intelligence service MI5 will oversee a new agency tasked with helping organizations combat Chinese cyber-spies and other threats.

UK Prime Minister Rishi Sunak on Monday announced the National Protective Security Authority (NPSA) as part of a refresh of the government's security strategy known as the "Integrated Review".

The refresh included the replacement of the UK's Conflict, Stability and Security Fund with an Integrated Security Fund that's funded to the tune of £1 billion to "deliver on the core objectives of the Integrated Review at home and around the world, including in economic and cyber security, counter terrorism and human rights."

According to MI5, the NPSA will provide cyber security training and advice to businesses, schools, and nonprofit organizations while working with the police to boost "protections against terrorist attacks." 

The NPSA will also collaborate with other government agencies including the National Cyber Security Centre and the National Counter Terrorism Security Office to provide "holistic protective security advice." 

"Science, technology, and academia are as much on the front lines of national security as the UK's critical national infrastructure," security minister Tom Tugendhat explained in a statement. 

"We know that hostile actors are trying to steal intellectual property from UK institutions in order to harm our country," Tugendhat added. "The National Protective Security Authority will play a crucial role in helping businesses and universities better protect themselves and maintain their competitive advantage."

Last year, MI5 and the FBI warned UK and US academics and business leaders about the growing threat of Chinese spies stealing IP, academic research, and other sensitive information.

"It means that if you are involved in cutting-edge tech, AI, advanced research or product development, the chances are your know-how is of material interest to the [Chinese Communist Party]," MI5 general director Ken McCallum said at the time. "And if you have, or are trying for, a presence in the Chinese market, you'll be subject to more attention than you might think."

• Suspected Chinese cyber spies target unpatched SonicWall devices
• DoppelPaymer ransomware suspects cuffed, alleged ringleaders escape
• FBI and international cops catch a NetWire RAT
• The UK's bad encryption law can't withstand global contempt

McCallum cited examples of Chinese actions such as a US court convicting a Chinese intelligence officer on charges of economic espionage and theft of trade secrets from the US aviation sector. 

Another of McCallum's cautionary tales concerned UK-based engineering firm Smiths (Harlow), which makes parts for Bombardier and Rolls-Royce, and in 2020 accused a Chinese investor of stealing IP and reneging on an £8 million deal.

The British government first announced the Integrated Review in 2021 to provide an overview of the UK's national security and international policy.

This year's Integrated Review Refresh comes in response to increased tensions with Russia and China, and aims to boost the nation's armed forces along with its economic and technology supply-chain security.

"As I will discuss with our American and Australian allies in the US today, the UK will remain a leading contributor to NATO and a reliable international partner, standing up for our values from Ukraine to the South China Sea," Sunak declared in a statement, referring to his meeting in California on Monday with US president Joe Biden and Australian prime minister Anthony Albanese.

That meeting saw the three nations announce a decades-long joint program to build a new class of nuclear submarines and equip Australia with eight of the boats under the AUKUS pact – a 2021 agreement largely designed to contain China. ®