10:55 AM

Chinese Hackers Stole U.S. Military Secrets

"Cyber exploitation" campaign obtained information relating to 29 weapon systems and 21 areas of cutting-edge research.

Advanced weapons systems including the F-35 Joint Strike Fighter and V-22 Osprey, as well as cutting-edge military technology relating to satellite communications, directed energy weapons and missile defense, are among the designs reportedly stolen by Chinese hackers from U.S. government agencies and defense contractors.

Those findings -- first reported by The Washington Post -- were contained in a nonpublic version of a report prepared in January 2013 for the Pentagon. The "Resilient Military Systems and the Advanced Cyber Threat" report was written by the Defense Science Board, which is a committee of civilian experts appointed to advise the Department of Defense.

All told, information relating to 29 weapon systems and 21 different areas of advanced research was reportedly stolen, according to a confidential version of the report. "The scale is shocking," tweeted information security researcher Alan Woodward, who's a professor in the department of computing at the University of Surrey.

"These are all very critical weapons systems, critical to our national security," Mark Stokes, executive director of the Project 2049 Institute, a think tank that focuses on security issues in Asia, told the Post.

A public version of the report that was previously released didn't include the list of compromised weapons systems and technology. They were named in a table titled "Expanded partial list of DoD system designs and technologies compromised via cyber exploitation." Some of the stolen information relating to weapon systems and military technologies -- such as a 2007 hack that compromised F-35 Joint Strike Fighter information -- had been previously disclosed.

The public version of the published report didn't detail when the information was stolen, how much of it was confidential or whether the information had been stolen from U.S. defense contractors or government agencies.

According to Adam Meyers, head of intelligence for security firm Crowdstrike, China's corporate espionage campaign may parallel the country's five-year plan for modernizing its infrastructure, including building out more deep-sea military capabilities, the New Yorker recently reported. To support deep-sea operations, China would be seeking better satellite technology, torpedoes, naval antennas, radar, electromagnetic aircraft launch systems for carriers and a naval ballistic-missile defense system. All of those technologies are included on the Defense Science Board's partial list of stolen weapon systems and technologies.

What's the risk from the information being stolen? Beyond helping China advance its military capabilities more quickly, the stolen information "may impose severe consequences for U.S. forces engaged in combat," according to the publicly released version of the Defense Science Board report, because it might give adversaries an advantage. For example, reports in 2007 suggested that when Israeli warplanes entered Syrian airspace during an air raid, a computer hack -- perhaps aided by a hardcoded backdoor in the radar systems -- was used to temporarily deactivate Syria's entire radar system, thus allowing the warplanes to escape detection.

The sheer quantity of military weapon system information and technology designs that have been stolen by Chinese hackers may be behind the Obama administration's increasingly forceful denouncements of Chinese hacking operations. But some experts on China believe that diplomacy alone won't solve the problem. Last week, the bipartisan Commission on the Theft of American Intellectual Property recommended that Congress authorize businesses to strike back and reclaim stolen data from foreign networks. Last month Congress pursued economic sanctions by passing a bill barring government purchases of IT equipment from any organization affiliated with China, without prior approval from the FBI.

In other Chinese hacking news, Australia's ABC Television reported Monday -- without citing any sources -- that an information security attack attributed to China had compromised blueprints and physical security information relating to a new $600 million facility being built by Australia's Secret Intelligence Service. According to an Australian security expert, the stolen plans would enable spies to more easily know which parts of the facility to monitor, if attempting to track intelligence activities.

Australia's foreign minister, Bob Carr, said the country is "very alive" to information security attacks, but declined to address the alleged Chinese espionage operation, reported the BBC. "I won't comment on matters of intelligence and security for the obvious reason: we don't want to share with the world and potential aggressors what we know about what they might be doing, and how they might be doing it," he said.

China is Australia's biggest trade partner.

User Rank: Apprentice
6/9/2013 | 6:25:22 AM
re: Chinese Hackers Stole U.S. Military Secrets
We the United States of America should stop toying with these people (China). We know for a fact that it's state-sponsored hacking, period. We should immediately stop all trade with China. The United States government is guilty as sin for letting any company manufacture in China. We should manufacture all our goods ourselves and employ our own population. Yes, things are going to cost more, but when one takes into consideration the total cost of research and development that we American companies spend only to have it stolen by them. We have the gall to send them blueprints to some of our most important technology so they can build it for us at a cheaper cost. I know that some will say that the technology stolen was from defense contractors, not an iPhone for example. Well, our defense contractors subcontract tons of that work out to smaller companies and I'm sure some of those companies are Chinese companies masquerading as U.S. companies. I just read just recently that the iPhone is going to be used by the DoD. The DoD will place an order for 650K iOS (AAPL) devices - 210K iPhones, 120K iPads, 100K iPad Minis, and 200K iPod touches - following the end of the sequester, Electronista reports. The iOS gear will reportedly be used to replace BlackBerrys (BBRY) - the DoD currently has 470K in operation - and would come ahead of the planned implementation of a "platform agnostic" device policy in Feb. 2014. Electronista previously reported the DoD had largely ended BB10 testing due to budget cuts. Heck, when we send them the blueprints to build these devices for Apple, an American company. Does anyone for one moment not believe that some of those devices won't have a back door for espionage purposes? We need to quit toying with the Chinese; their intentions are to rule the world, period. I for one think we should, as I said previously, stop all manufacturing with China. Heck, I believe we should disconnect them from the Internet, period. We have congressional hearings taking place to determine if we the U.S. should allow a Chinese company to purchase a U.S. company. The Chinese purchasers always say that if the transaction is approved the new U.S. division will be completely independent of the mother company in China. Does anyone in their right mind really believe this? I for one sure don't. Still, our own congressional committees give the authorization for some of these transactions to take place. Everything in China is controlled by the Chinese government and their goal is world domination. If we continue on this road we will be speaking Chinese in the United States in one hundred years or less. We continue to do this just so that some people and corporations who are already filthy wealthy can continue to profit. Look at Apple, for example; they have no loyalty to no one. They pay no taxes to any country, period. We just had those hearings recently and they have those bogus subsidiaries in Ireland, and just from the testimony they, and I say they as in Tim Cook, the CEO of Apple Corporation, gave. These subsidiaries were set up just to avoid paying taxes in any country, period. He concludes that Apple pays taxes to the U.S. Government via matching employee taxes and matching Social Security taxes. Excuse me, but that's b/s, and it's other companies with a mindset like that which contributes to the deficit we find ourselves in. Take Halliburton, for example, the company that profited from the wars in Iraq and Afghanistan to the tune of billions of dollars. When it came time to pay taxes, what did they do? They moved the corporate headquarters to the country of Dubai. They have no loyalty to the United States, yet the majority of their operations and employees are based here in the United States. They want to be eligible to receive U.S. Government contracts and they want to be paid in U.S. cold hard cash, but they don't want to pay any taxes here. I for one think that should make them ineligible to receive government contracts, period. Yes, I call a spade a spade, but we have to stop blowing sunshine where it doesn't belong. This ship, the United States, needs to right itself or we will sink.

Charlie Meza
Dallas, Texas
Andrew Hornback,
User Rank: Apprentice
5/31/2013 | 4:47:31 AM
re: Chinese Hackers Stole U.S. Military Secrets
Who's going to pay for the security audits and the pen-testing? Even better, who's going to do them? Do we set up a Federal agency to do that or do we allow defense contractors to audit and pen-test each other? That could become a big mess very quickly. And how does one enforce the idea of fines against these contractors, or even governmental agencies? How does one put a monetary value on a data breach? Good question, no?

Something else to think about, and this brings me back to my early days in engineering school - design is iterative. So, let's say that the Chinese stole a full set of blueprints for the F-35 back in 2007. First flight was in 2006, but the system has yet to go operational (that's planned for 2015-2018, depending on branch) and is still in the design, upgrade and testing phase. How good are those sets of blueprints at this point?

What might make this report more interesting is to see what's been stolen and when - remember, security hasn't always enjoyed the limelight that it enjoys today.

Andrew Hornback
InformationWeek Contributor
User Rank: Apprentice
5/28/2013 | 6:56:07 PM
re: Chinese Hackers Stole U.S. Military Secrets
The contractors involved are obviously not doing enough to safeguard information. That is a national security issue and perhaps if contractors can't take cyber security seriously enough to safeguard the information, there ought to be enough fines and penalties in place to motivate them towards a more pragmatic approach. Further, there should be a requirement that any bidder for sensitive contracts absolutely must pass security audits and pen-testing before they even are allowed to participate in the process.