Security Experts:

Hackers Accessed Sensitive Military Weapons Plans: Report

Hackers are being accused of accessing design plans for more than two dozen sensitive U.S. weapons systems in a report by the Pentagon's Defense Science Board [DSB], the Washington Post reports.

According to the Post, the systems were disclosed in a confidential version of a report by the DSB. A public version of the report that does not list the weapons whose plans had been accessed by hackers was released in January. According to the Post, the design documents accessed by the hackers included plans for the PAC-3 Patriot missile system and the Terminal High Altitude Area Defense [THAAD] system. The hackers also got their hands on plans for the F/A-18 fighter jet, the V-22 Osprey aircraft as well as other aircraft and vessels.

"DoD and its contractor base have already sustained staggering losses of system design information incorporating decades of combat knowledge and experience that provide adversaries insight to technical designs and system use," the board wrote in the public iteration of the report.

The DSB report did not indicate who was responsible for stealing the designs. However unidentified senior military and defense industry officials familiar with the breaches told the Post that most of the blame lies with a burgeoning Chinese espionage campaign targeting the U.S. defense industry. China has historically denied any connection with cyber-attacks, though a recent report from the bipartisan Commission on the Theft of American Intellectual Property said China accounts for as much as 80 percent of U.S. intellectual property theft.  

In its report, the DSB declared that after conducting an 18-month study, a DSB task force found that the country cannot be confident its critical information technology systems will work under attack from a "sophisticated and well-resourced opponent" using cyber capabilities in conjunction with their military and intelligence resources. The Department of Defense needs to respond by building an effective response, according to the report.

"Nearly every conceivable component within DoD is networked," the report notes. "These networked systems and components are inextricably linked to the Department’s ability to project military force and the associated mission assurance. Yet, DoD’s networks are built on inherently insecure architectures that are composed of, and increasingly using, foreign parts. While DoD takes great care to secure the use and operation of the “hardware” of its weapon systems, the same level of resource and attention is not spent on the complex network of information technology (IT) systems that are used to support and operate those weapons or critical IT capabilities embedded within them."

"You’ve seen significant improvements in Chinese military capabilities through their willingness to spend, their acquisitions of advanced Russian weapons, and from their cyber-espionage campaign," James A. Lewis, a cyber-policy expert at the Center for Strategic and International Studies, told the Washington Post. "Ten years ago, I used to call the PLA [People’s Liberation Army] the world’s largest open-air military museum. I can’t say that now."