Chinese hackers have intercepted designs for sensitive weapons systems, according to a report prepared for government and defense officials, the Washington Post reported.
The Washington Post cited a confidential report prepared for the Pentagon and for both government and defense industry officials by the Defense Science Board. Designs for more than two dozen major weapons systems, including those critical to U.S. missile defenses and combat aircraft and ships, have been accessed by Chinese hackers via a series of electronic intrusions, the Post reported Tuesday.
It’s not clear at this point when the intrusions occurred, or whose networks were breached—the government or the defense contractors and their subcontractors. Top defense contractors, including Boeing, Lockheed Martin, Raytheon, and Northrop Grumman, declined to say whether their systems have been breached.
While the Defense Science Board did not explicitly call out the Chinese for stealing the designs, senior military and industry officials told the Post the intrusions were part of a wider campaign of cyber-espionage carried out by China.
“Espionage is espionage, it’s always been a feature of international politics and it always will be. The problem is that today’s ‘secret agents’ don’t have a face and they don’t need physical access to the information they are trying to steal,” said Andrew Storms, director of security operations at Tripwire.
The latest allegations come just a few weeks after the Pentagon’s report to Congress on China, in which Department of Defense officials explicitly accused China of engaging in cyber-espionage to gain economic and military advantage.
The Chinese government has repeatedly insisted it does not engage in cyber-espionage or encourage attacks against foreign networks. In the past, China has claimed to be unfairly blamed for attacks, and that China itself is a victim of cyber-attacks.
The Defense Science Board is a senior advisory group made up of government and civilian experts. It created two versions of the report: a public version, in which it advised that the Pentagon was unprepared to counter a full-scale cyber-conflict, and a confidential version, which included the list of compromised weapons designs.
“While it is not new that Chinese hackers have penetrated a number of companies and government agencies, this news is indicative of the types of information which has probably been gleaned from those penetrations,” Ken Silva, senior vice-president of cyber-security at ManTech International, told SecurityWeek.
Some of the weapons on the list are used by the Pentagon in Asia, Europe, and the Persian Gulf, and include the advanced Patriot missile system, an Army system for shooting down ballistic missiles (Terminal High Altitude Area Defense, THAAD), and the Navy’s Aegis ballistic missile defense system, the Post said. The F/A-18 fighter jet, the V-22 Osprey, the Black Hawk helicopter, the Navy’s Littoral Combat Ship, and the F-35 Joint Strike Fighter were listed. The theft of the F-35 plans, the most expensive weapons system to be built at about $1.4 trillion, had been reported previously. The list also included drone video systems, nanotechnology, tactical data links and electronic warfare systems.
The information in these designs would give China access to advanced technology to accelerate the development of its own weapons systems and weaken the U.S. military advantage in the case of a future conflict, experts told the Post.
“Having the secret details of your most advanced weapons systems exfiltrated is a serious indictment of our national cyber-security program,” Storms said.
The Post cited the public version of the Defense Science Board’s report in discussing the implications of the theft. These kinds of cyber-espionage and cyber-sabotage could result in severed communication links between U.S. forces, corrupt data compromising the success of an operation, malfunctioning weapons, and crashes of airborne devices, including satellites and drones, according to the Defense Science Board.
While the attacks are a concern, the bigger issue is how ineffective defenses are at keeping attackers out, detecting breaches, and minimizing the scope of the theft. The Post article cited several defense officials frustrated that many defense contractors are unable to secure their networks to prevent cyber-intrusions of this nature.
“The report [from the Defense Science Board] identifies the problem, but the recommendations still sound a lot like ‘We’re developing a plan for a plan,’” said Dwayne Melancon, CTO of Tripwire.
The report said that attack tools downloaded from the Internet are capable of defeating Department of Defense systems, and “it will take years for the Department to build an effective response.” The gap between attacker and defender capabilities will continue to widen, which means “more critical data will be stolen and we won’t be able to do anything about it,” Melancon said.
The report seems to indicate the “DoD’s approach to cyber security is fundamentally broken,” Melancon said, adding the U.S. should be “‘re-imagining’ how we approach this battle so that we can create a much more resilient and aware set of cyber security capabilities.”