US weapons system designs were reportedly viewed by Chinese hackers
Defense Department is not yet prepared to fight off sophisticated cyberattacks, an advisory group says
IDG News Service - Designs for more than two dozen advanced U.S. weapon systems, including missile defenses, combat aircraft and ships, were reportedly accessed by Chinese hackers.
The systems were listed in a previously undisclosed section of a report prepared for government, defense industry and Pentagon officials by the Defense Science Board (DSB), a committee of experts that advises the U.S. Department of Defense on technical and scientific matters, the Washington Post reported Monday.
"DoD and its contractor base have already sustained staggering losses of system design information incorporating decades of combat knowledge and experience that provide adversaries insight to technical designs and system use," the advisory group said in a public version of the report released in January that covers the findings of an 18-month study into the resilience of military systems against advanced cyberthreats.
Among the designs documents obtained by hackers were those for missile defense systems, including the PAC-3 Patriot missile system, the Terminal High Altitude Area Defense (THAAD) system and the U.S. Navy's Aegis ballistic-missile defense system, according to the Post, which obtained a copy of the previously undisclosed report section.
System designs related to the F/A-18 fighter jet, the F-35 multirole combat aircraft, the V-22 Osprey aircraft, the Black Hawk helicopter and the Navy's Littoral Combat Ship (LCS) class of vessels were also among those listed in the breach report.
The DSB did not indicate when and where the data breaches occurred or who was behind them. However, according to the Post, unnamed senior military and defense industry officials familiar with the breaches said that most of them were the result of Chinese cyberespionage efforts against defense contractors.
During the past year, U.S. government officials have been increasingly vocal in claiming that China is responsible for cyberattacks that resulted in the theft of intellectual property and other sensitive information from U.S. companies and government agencies. In a report released earlier this month, the DOD said that last year "numerous computer systems around the world, including those owned by the U.S. government, continued to be targeted for intrusions, some of which appear to be attributable directly to the Chinese government and military."
The Chinese government has repeatedly denied its involvement in cyberespionage and dismissed such accusations as baseless.
In the public version of its report, the DSB described the cyberthreat as serious and said that in some ways its consequences are similar to those of the nuclear threat of the Cold War.
The DOD's actions to combat this threat are numerous, but fragmented, so the department is not yet prepared to defend against it, the DSB said. "It will take years for the Department to build an effective response to the cyber threat to include elements of deterrence, mission assurance and offensive cyber capabilities."
- Using Cyber Insurance and Cybercrime Data to Limit Your Business Risk This paper examines the challenges of understanding cyber risks, the importance of having the right cyber risk intelligence, and how to use this...
- 5 Tips to Secure Small Business Backdoors in the Enterprise Supply Chain This paper examines the insecurity of the small businesses in the supply chain and offers tips to close those backdoors into the enterprise.
- Comprehensive Advanced Threat Defense The hot topic in the information security industry these days is "Advanced Threat Defense" (ATD). This paper describes a comprehensive, network-based approach to...
- Advanced Threat Defense: A Comprehensive Approach In this interview, Peter George, president, General Dynamics Fidelis Cybersecurity Solutions, explains why we need more than anti-malware, and what constitutes a comprehensive...
- Live Webcast Security Vulnerabilities Associated With Having Local Administrator Privileges Viewfinity will demonstrate how removing admin rights and granularly managing privileges at the application level reduces the attack surface.
- Security Vulnerabilities Associated With Having Local Administrator Privileges Viewfinity will demonstrate how removing admin rights and granularly managing privileges at the application level reduces the attack surface.
- NSS Labs & Cisco Present: Evaluating Leading Breach Detection Systems Today's constantly evolving advanced malware and APTs can evade point-in-time defenses to penetrate networks. Security professionals must evolve their strategy in lockstep to... All Cybercrime and Hacking White Papers | Webcasts