Page 1 of 1

#1 China’s military hacking into corporate America increasing

Posted: Fri Sep 19, 2014 8:08 pm
by rhoenix
arstechnica.com wrote:China's military broke into Pentagon contractors' computer networks at least 50 times—hacks that threaten "to erode US military technical superiority," according to a federal investigation.

The Senate Arms Services Committee found that nearly two dozen intrusions were of the well-orchestrated "advanced persistent threat" variety. The yearlong probe [PDF] blamed the Chinese government for hacks targeting civilian transportation companies that the US military employs for the movement of troops and equipment. According to the investigation, hackers from the People's Liberation Army started in 2012 and put malware onto an airline's computers, stealing computer codes, e-mail, documents, and user accounts from firms the government declined to name.

"These peacetime intrusions into the networks of key defense contractors are more evidence of China's aggressive actions in cyberspace," said committee chairman Sen. Carl Levin (D-Mich.)

The latest developments follow a June report from US security firm CrowdStrike that detailed allegations of hacking by the People's Liberation Army into aerospace, satellite, and defense companies in Europe, Japan, and the US. What's more, Attorney General Eric Holder said in May that "enough is enough" at a news conference when he announced the indictment of five Chinese military personnel accused of hacking into major US corporations and stealing trade secrets.

While Holder promised to bring the five to the US for trial, the Associated Press reported Wednesday that the defendants "are believed to be living freely" in China. The targeted companies, ranging from Alcoa to Westinghouse, were allegedly attacked between 2006 to 2014, and China got away with trade secrets connected to everything from nuclear to renewable energy, according to the indictment.

In response to what the report called the latest "Chinese military intrusion," the FBI said in a statement that it was "committed" to "hold accountable those groups and individuals that pose a threat in cyberspace."

The new Senate Armed Services Committee's report concerns a cyber attack on US Transportation Command (TRANSCOM) contractors "that are key to the mobilization and deployment of military forces."

The report noted that China's hacking into the private sector usually concerned "intellectual property risks," but now it threatens US military security, the report said.

"The cyber theft of defense-related information and technologies, much of which also resides with private companies, threatens to erode US military technical superiority, placing national security and the safety of our troops at risk," the report said.

The report also underscored the importance of the transportation companies' military roles with the Department of Defense while essentially suggesting that the targeted companies were sitting ducks. According to the report:
"The private sector plays a crucial role in force mobilization, deployment, and sustainment operations. For example, private airlines provide more than 90 percent of DOD's passenger movement capability and more than one-third of its bulk cargo capability. In addition, the overwhelming majority of DOD deployment and distribution transactions occur over unclassified networks, many of which are owned by private companies. Private companies also play an integral role in the development of software and systems to support military logistics. these arrangements, while necessary, create vulnerabilities that could be exploited to degree or disrupt the US military's response to contingencies."