On Wednesday, May 27, the American press made public information that China-based hackers have stolen designs for major weapons systems. The report specifically listed as hacked details of the Patriot missile system, the Naval Aegis ballistic missile system, the F/A-18 fighter jet, the Black Hawk helicopter, the V-22 Osprey, and the F-35 Joint Strike Fighter. China’s access to classified information may allow it not only to duplicate U.S. defense properties, but also to defend against our finest weapons.
Mandiant, “the leader in advanced threat detection and response solutions,” released an initial report in February exposing a grand-scale espionage campaign by one of the largest of the Advanced Persistent Threat groups. The report, titled “APT1: Exposing One of China’s Cyber Espionage Units,” considers China’s 2nd Bureau of the People’s Liberation Army, China’s General Staff Department, and China’s Military Unit Cover Designator 61398 as a group, APT1. The report details that APT1 has systematically stolen defense data from no fewer than 141 corporations in several industries.
The report said that while no computer network is impenetrable, federal agencies devote considerable resources to foiling hackers. The data, it explains, comes from the hacking of lower-level contractors who build parts for the weapons systems. The large and well-organized hacker groups piece the information together, producing data that can be used to copy or thwart our systems.
Much of the Mandiant information is confirmed by the Defense Department through the Defense Science Board, which writes that “Chinese cyber spies have uncovered U.S. designs for combat aircraft and ships, as well as missile defense systems around the globe.”
The Pentagon reported this month that China is using espionage to modernize its military. Hacking, the Pentagon says, is a serious concern. It states that the hacking appears to be “attributable directly to the Chinese government and military.”
China denies any involvement. The report, it says, is groundless and without foundation.
In Australia, China-linked hackers allegedly stole the plans for a $650 million headquarters for the Australian Security Intelligence Organization. China’s Foreign Ministry spokesman Hong Lei denied the Australian hacking claim. “China,” he said, “disapproves of hacking.” “China pays high attention to the cyber security issue and is firmly opposed to all forms of hacker attacks.” “Since it is very difficult to find out the origin of hacker attacks, it is very difficult to find out who carried out such attacks; I don’t know what the evidence is for media to make such kinds of reports.”
A report from ABC News referred to the Chinese hacking as part of a wave of cyber-attacks in Australia. It said the hackers have stolen information from the Australian Department of Foreign Affairs and Trade, the Australian Secret Intelligence Service, and other agencies in Australia.
Christopher Ling, an executive vice-president at Booz Allen Hamilton Strategy and Technology Consulting, a high-level cybersecurity firm, says there is now a black market for sophisticated malware that allows less sophisticated nations to mount serious attacks. Some hackers, he discloses, are interested in terrorism. The U.S. Department of Homeland Security reported 198 attacks on critical U.S. infrastructure in fiscal year 2012. China, Ling says, is “the most active and prolific” of the players. “It is a national focus agenda item for the Chinese to be active in this way,” Ling says. “It’s not a small group of people who just decided they want to do this on their own accord.”
Richard Bejtlich, the Chief Security Officer for cyber-security company Mandiant, working with Kevin Mandia, Mandiant’s Chief Executive Officer, reports:
Chinese hackers take a decentralized approach to stealing U.S. secrets. Mandiant tracks 20 different hacking groups, which range in size from dozens of hackers to thousands. The groups may have specialties or receive specific instructions on what to target from China’s Ministry of State Secrecy, but they can be in competition with each other. We have seen cases where there are six or seven independently operating groups inside a single target.