MI5 to establish new security agency to counter Chinese hacking, espionage
The new organisation has been compared to GCHQ’s NCSC, and will provide companies advice on how to deal with Chinese companies or carry out business in China


MI5 is set to establish a new agency to help UK businesses protect themselves against Chinese espionage and state-sponsored hacking.
UK prime minister Rishi Sunak will unveil the news later today, as part of the UK’s updated diplomatic and defence strategy when it comes to China, The Times reports.
Sunak will reveal a new “National Protective Security Authority” which will sit in MI5. It aims to provide businesses and universities with advice on how to deal with industrial espionage.
Officials have reportedly compared the new agency to the National Cyber Security Centre (NCSC) which was established by GCHQ in 2016 as a central authority tasked with protecting the nation against cyber security threats.
It also routinely offers guidance to organisations and the wider public on cyber security best practice.
The National Protective Security Authority will be able to help organisations by providing advice on how to deal with Chinese companies, how to do business in China, or how to buy equipment from companies located in the country.
The motivation for the agency's creation is thought to be born out of longstanding concerns around China and its history of conducting sophisticated cyber attacks against organisations in the West.
Get the ITPro daily newsletter
Sign up today and you will receive a free copy of our Future Focus 2025 report - the leading guidance on AI, cybersecurity and other IT challenges as per 700+ senior executives
The government’s new authority will also provide guidelines on how to approach Huawei or Hikvision, although it isn’t clear yet what these are.
It was decided that Huawei’s equipment would be removed from the UK's 5G network in 2020 to protect national security, a move encouraged by US sanctions placed on the Chinese company.
In July 2022, a group of MPs also demanded that Chinese surveillance equipment companies like Hikvision should be banned from the UK, expressing concerns about the ethics and security of the company.
Lastly, the new agency is expected to provide guidance on takeovers in "sensitive” industries. In July 2021, an MP raised concerns about Chinese-owned Nexperia acquiring Newport Wafer Fab (NWF), a Welsh semiconductor company.
MP Tom Tugendhat said at the time he was surprised the deal had taken place without being put through a review under a National Security and Investment Act.
“The semiconductor industry sector falls under the scope of the legislation, the very purpose of which is to protect the nation’s technology companies from foreign takeovers when there is a material risk to economic and national security,” he said.
“The government is yet to explain why we are turning a blind eye to Britain's largest semiconductor foundry falling into the hands of an entity from a country that has a track record of using technology to create geopolitical leverage.”
China's hacking history
China's state-sponsored hackers are long-known for their attacks on high-value organisations and universities, often with the intention of information stealing.
Recent examples include the February 2022 attack on News Corp - China was originally accused as the force behind it which saw staff emails and other business documents stolen.
RELATED RESOURCE
Mapping the digital attack surface
Why global organisations are struggling to manage cyber risk
In February this year, it was revealed that the China-linked hackers went unnoticed in the organisation's network for two years.
Further back, state-sponsored Chinese and Russian hackers were accused of targeting vaccine data during the COVID-19 pandemic. The attack on vaccine supplier Moderna drew worldwide attention in 2020.
In 2021, the National Cyber Security Centre (NCSC) revealed it played an important part in vaccine delivery, helping by intervening in cyber incidents and protecting individuals in the health sector. It handled 777 incidents that year, with 20% of them focused on the health industry or companies involved in the vaccine rollout.
Zach Marzouk is a former ITPro, CloudPro, and ChannelPro staff writer, covering topics like security, privacy, worker rights, and startups, primarily in the Asia Pacific and the US regions. Zach joined ITPro in 2017 where he was introduced to the world of B2B technology as a junior staff writer, before he returned to Argentina in 2018, working in communications and as a copywriter. In 2021, he made his way back to ITPro as a staff writer during the pandemic, before joining the world of freelance in 2022.
-
Bigger salaries, more burnout: Is the CISO role in crisis?
In-depth CISOs are more stressed than ever before – but why is this and what can be done?
By Kate O'Flaherty Published
-
Cheap cyber crime kits can be bought on the dark web for less than $25
News Research from NordVPN shows phishing kits are now widely available on the dark web and via messaging apps like Telegram, and are often selling for less than $25.
By Emma Woollacott Published
-
How to empower employees to accelerate emissions reduction
in depth With ICT accounting for as much as 3% of global carbon emissions, the same as aviation, the industry needs to increase emissions reduction
By Fleur Doidge Published
-
Worldwide IT spending to grow 4.3% in 2023, with no significant AI impact
News Spending patterns have changed as companies take an inward focus
By Rory Bathgate Published
-
Report: Female tech workers disproportionately affected by industry layoffs
News Layoffs continue to strike companies throughout the tech industry, with data showing females in both the UK and US are bearing the brunt of them more so than males
By Ross Kelly Published
-
How can small businesses cope with inflation?
Tutorial With high inflation increasing the cost of doing business, how can small businesses weather the storm?
By Sandra Vogel Published
-
How to deal with inflation while undergoing digital transformation
In-depth How can organizations stave off inflation while attempting to grow by digitally transforming their businesses?
By Sandra Vogel Published
-
How businesses can use technology to fight inflation
TUTORIAL While technology can’t provide all the answers to fight rising inflation, it can help ease the pain on businesses in the long term
By Sandra Vogel Published
-
Boomi snaps up former MuleSoft executive as APJ channel lead
News Global software veteran Jim Fisher will work to expand the company’s channel operations across the region
By Daniel Todd Published
-
Embattled WANdisco to cut 30% of workforce amid fraud scandal
News The layoffs follow the shock resignation of the company’s CEO and CFO in early April
By Ross Kelly Published