Chinese Hacked US Military Contractors, Senate Panel Finds
By Ros Krasny 18 September 2014
WASHINGTON — Hackers associated with the Chinese government have repeatedly infiltrated the computer systems of U.S. airlines, technology companies and other contractors involved in the movement of U.S. troops and military equipment, a U.S. Senate panel has found.
The Senate Armed Services Committee’s year-long probe, concluded in March but made public on Wednesday, found the military’s U.S. Transportation Command, or Transcom, was aware of only two out of at least 20 such cyber intrusions within a single year.
The investigation also found gaps in reporting requirements and a lack of information sharing among U.S. government entities. That in turn left the U.S. military largely unaware of computer compromises of its contractors.
“These peacetime intrusions into the networks of key defense contractors are more evidence of China’s aggressive actions in cyberspace,” Democratic Senator Carl Levin of Michigan, the committee’s chairman, said in releasing the report.
Officials with the Chinese Embassy in Washington did not immediately comment.
Cybersecurity expert Dmitri Alperovitch, chief technology officer with the security firm Crowdstrike, said China had for years shown a keen interest in th the logistical patterns of the U.S. military.
The investigation focused on the U.S. military’s ability to seamlessly tap civilian air, shipping and other transportation assets for tasks including troop deployments and the timely arrival of supplies from food to ammunition to fuel.
Those companies typically do not have the level of defense against hackers as major weapons makers or the military itself.
“The military uses secret or top-secret networks that are not on the Internet, but private companies do not,” said Alperovitch. “That’s a real challenge.”
The FBI said in a statement that it “continues to aggressively investigate cyber intrusions emanating from state-sponsored actors and other criminals.
“We remain committed to working with our interagency partners to identify threats, protect the nation’s infrastructure from potential harm, and hold accountable those groups and individuals that pose a threat in cyberspace,” the statement added.
In a 12-month period beginning June 1, 2012, there were about 50 intrusions or other cyber events into the computer networks of Transcom contractors, the 52-page report stated.
At least 20 of those were successful intrusions attributed to an “advanced persistent threat,” a term used to designate sophisticated threats commonly associated with attacks against governments. All of those intrusions were attributed to China.
Senator Jim Inhofe of Oklahoma, the committee’s top Republican, called for a “central clearinghouse” that makes it easy for contractors to report suspicious cyber activity.
“We must ensure that cyber intrusions cannot disrupt our mission readiness,” Inhofe said.
The investigation found that a “Chinese military intrusion” into a Transcom contractor between 2008 and 2010 “compromised emails, documents, user passwords and computer code.” In 2012, another intrusion was made into multiple systems of a commercial ship contracted by Transcom, the report said.
The Senate probe could further increase tensions between the two world powers over cyber spying.
In May U.S. authorities charged five Chinese military officers, accusing them of hacking into American nuclear, metal and solar companies to steal trade secrets.
Last month, Community Health Systems, one of the largest U.S. hospital groups, said Chinese hackers had stolen Social Security numbers and other personal data from some 4.5 million patients.