10:55 AM

Chinese Hackers Stole U.S. Military Secrets

"Cyber exploitation" campaign obtained information relating to 29 weapon systems and 21 areas of cutting-edge research.

Advanced weapons systems including the F-35 Joint Strike Fighter and V-22 Osprey, as well as cutting-edge military technology relating to satellite communications, directed energy weapons and missile defense, are among the designs reportedly stolen by Chinese hackers from U.S. government agencies and defense contractors.

Those findings -- first reported by The Washington Post -- were contained in a nonpublic version of a report prepared in January 2013 for the Pentagon. The "Resilient Military Systems and the Advanced Cyber Threat" report was written by the Defense Science Board, which is a committee of civilian experts appointed to advise the Department of Defense.

All told, information relating to 29 weapon systems and 21 areas of different advanced research was reportedly stolen, according to a confidential version of the report. "The scale is shocking," tweeted information security researcher Alan Woodward, who's a professor in the department of computing at the University of Surrey.

"These are all very critical weapons systems, critical to our national security," Mark Stokes, executive director of the Project 2049 Institute, a think tank that focuses on security issues in Asia, told the Post.

A public version of the report that was previously released didn't include the list of compromised weapons systems and technology. The compromised systems were named in a table titled "Expanded partial list of DoD system designs and technologies compromised via cyber exploitation." Some of the stolen information relating to weapon systems and military technologies -- such as a 2007 hack that compromised F-35 Joint Strike Fighter information -- had been previously disclosed.

The public version of the published report didn't detail when the information was stolen, how much of it was confidential or whether the information had been stolen from U.S. defense contractors or government agencies.

According to Adam Meyers, head of intelligence for security firm Crowdstrike, China's corporate espionage campaign may parallel the country's five-year plan for modernizing its infrastructure, including building out more deep-sea military capabilities, the New Yorker recently reported. To support deep-sea operations, China would be seeking better satellite technology, torpedoes, naval antennas, radar, electromagnetic aircraft launch systems for carriers and a naval ballistic-missile defense system. All of those technologies are included on the Defense Science Board's partial list of stolen weapon systems and technologies.

What's the risk from the information being stolen? Beyond helping China advance its military capabilities more quickly, the stolen information "may impose severe consequences for U.S. forces engaged in combat," according to the publicly released version of the Defense Science Board report, because it might give adversaries an advantage. For example, reports in 2007 suggested that when Israeli warplanes entered Syrian airspace during an air raid, a computer hack -- perhaps aided by a hardcoded backdoor in the radar systems -- was used to temporarily deactivate Syria's entire radar system, thus allowing the warplanes to escape detection.

The sheer quantity of military weapon system information and technology designs that have been stolen by Chinese hackers may be behind the Obama administration's increasingly forceful denouncements of Chinese hacking operations. But some experts on China believe that diplomacy alone won't solve the problem. Last week, the bipartisan Commission on the Theft of American Intellectual Property recommended that Congress authorize businesses to strike back and reclaim stolen data from foreign networks. Last month Congress pursued economic sanctions by passing a bill barring government purchases of IT equipment from any organization affiliated with China, without prior approval from the FBI.

In other Chinese hacking news, Australia's ABC Television reported Monday -- without citing any sources -- that an information security attack attributed to China had compromised blueprints and physical security information relating to a new $600 million facility being built by Australia's Secret Intelligence Service. According to an Australian security expert, the stolen plans would enable spies to more easily know which parts of the facility to monitor, if attempting to track intelligence activities.

Australia's foreign minister, Bob Carr, said the country is "very alive" to information security attacks, but declined to address the alleged Chinese espionage operation, reported the BBC. "I won't comment on matters of intelligence and security for the obvious reason: we don't want to share with the world and potential aggressors what we know about what they might be doing, and how they might be doing it," he said.

China is Australia's biggest trade partner.

User Rank: Apprentice
6/9/2013 | 6:25:22 AM
re: Chinese Hackers Stole U.S. Military Secrets
We the United States of America should stop toying with these people (China). We know for a fact that it's state-sponsored hacking, period. We should immediately stop all trade with China. The United States government is guilty as sin for letting any company manufacture in China. We should manufacture all our goods ourselves and employ our own population. Yes things are going to cost more but when one takes into consideration the total cost of research and development that we American companies spend only to have it stolen by them. We have the gall to send them blueprints to some of our most important technology so they can build it for us at a cheaper cost. I know that some will say that the technology stolen was from defense contractors not an iPhone for example. We our defense contractors subcontract tons of that work out to smaller companies and I'm sure some of those companies are Chinese companies masquerading as U.S. companies. I just read just recently that the iPhone is going to be used by the DoD. The DoD will place an order for 650K iOS (AAPL) devices - 210K iPhones, 120K iPads, 100K iPad Minis, and 200K iPod touches - following the end of the sequester, Electronista reports. The iOS gear will reportedly be used to replace BlackBerrys (BBRY) - the DoD currently has 470K in operation - and would come ahead of the planned implementation of a "platform agnostic" device policy in Feb. 2014. Electronista previously reported the DoD had largely ended BB10 testing due to budget cuts. Heck when we send them the blueprints to build these devices for Apple an American company. Does anyone for one moment not believe that some of those devices won't have a back door for espionage purposes? We need to quit toying with the Chinese, their intentions are to rule the world, period. I for one think we should as I said previously stop all manufacturing with China. Heck I believe we should disconnect them from the Internet, period. We have congressional hearings taking place to determine if we the U.S. should allow a Chinese company to purchase a U.S. company. The Chinese purchasers always say that if the transaction is approved the new U.S. division will be completely independent of the mother company in China. Does anyone in their right mind really believe this? I for one sure don't. Still our own congressional committees give the authorization for some of these transactions to take place. Everything in China is controlled by the Chinese government and their goal is world domination. If we continue on this road we will be speaking Chinese in the United States in one hundred years or less. We continue to do this just so that some people and corporations who are already filthy wealthy can continue to profit. Look at Apple for example they have no loyalty to no one. They pay no taxes to any country, period. We just had those hearings recently and they have those bogus subsidiaries in Ireland and just from the testimony they and I say they as in Tim Cook the CEO of Apple Corporation gave. These subsidiaries were set up just to avoid paying taxes in any country, period. He concludes that Apple pays taxes to the U.S. Government via matching employee taxes and matching Social Security taxes. Excuse me but that's b/s and it's other companies with a mindset like that which contributes to the deficit we find ourselves in. Take Halliburton for (example) the company that profited from the wars in Iraq and Afghanistan to the tune of billions of dollars. When it came time to pay taxes what did they do they moved the corporate headquarters to the country of Dubai. They have no loyalty to the United States yet the majority of their operations and employees are based here in the United States. They want to be eligible to receive U.S. Government contracts and they want to be paid in U.S. cold hard cash but they don't want to pay any taxes here. I for one think that should make them ineligible to receive government contracts, period. Yes I call a spade a spade but we have to stop blowing sunshine where it doesn't belong. This ship the United States needs to right itself or we will sink.
Charlie Meza, Dallas, Texas
Andrew Hornback
User Rank: Apprentice
5/31/2013 | 4:47:31 AM
re: Chinese Hackers Stole U.S. Military Secrets
Who's going to pay for the security audits and the pen-testing? Even better, who's going to do them? Do we set up a Federal agency to do that or do we allow defense contractors to audit and pen-test each other? That could become a big mess very quickly. And how does one enforce the idea of fines against these contractors, or even governmental agencies? How does one put a monetary value on a data breach? Good question, no?

Something else to think about, and this brings me back to my early days in engineering school - design is iterative. So, let's say that the Chinese stole a full set of blueprints for the F-35 back in 2007. First flight was in 2006, but the system has yet to go operational (that's planned for 2015-2018, depending on branch) and is still in the design, upgrade and testing phase. How good are those sets of blueprints at this point?

What might make this report more interesting is to see what's been stolen and when - remember, security hasn't always enjoyed the limelight that it enjoys today.

Andrew Hornback
InformationWeek Contributor
User Rank: Apprentice
5/28/2013 | 6:56:07 PM
re: Chinese Hackers Stole U.S. Military Secrets
The contractors involved are obviously not doing enough to safeguard information. That is a national security issue and perhaps if contractors can't take cyber security seriously enough to safeguard the information, there ought to be enough fines and penalties in place to motivate them towards a more pragmatic approach. Further, there should be a requirement that any bidder for sensitive contracts absolutely must pass security audits and pen-testing before they even are allowed to participate in the process.