Chinese hacked U.S. military contractors, Senate panel finds

TRANSCOM hacked by Chinese

(Reuters) Hackers associated with the Chinese government have repeatedly infiltrated the computer systems of U.S. airlines, technology companies and other contractors involved in the movement of U.S. troops and military equipment, a U.S. Senate panel has found.

The Senate Armed Services Committee’s year-long probe, concluded in March but made public on Wednesday, found the military’s U.S. Transportation Command, or Transcom, was aware of only two out of at least 20 such cyber intrusions within a single year.

The investigation also found gaps in reporting requirements and a lack of information sharing among U.S. government entities. That in turn left the U.S. military largely unaware of computer compromises of its contractors. . . .

. . . Those companies typically do not have the level of defense against hackers as major weapons makers or the military itself.

“The military uses secret or top secret networks that are not on the Internet, but private companies do not,” said Alperovitch. “That’s a real challenge.” . . . (read more)

Chinese hacking into critical Pentagon contractors (McClatchy)

. . . . Among the examples provided, the probe found that between 2008 and 2010, one TRANSCOM contractor “was compromised by the Chinese military, who stole emails, documents, user accounts, passwords and even source code.”

In another, “In 2010, the Chinese military compromised the computer network of a Civil Reserve Air Fleet contractor, stealing documents, flight details, credentials and pins and passwords for encrypted email.”

Under one scenario, Bejtlich said, the Chinese could be interested in obtaining U.S. military logistical information because of Beijing’s increasing control of Taiwan.

“The most likely event that would cause a shooting war between the United States and China would be an invasion of Taiwan,” he said. “In the event that the Chinese decide to take over Taiwan, they want to disrupt our logistics and slow us down so that we won’t be able to get our forces to Taiwan as quickly.” . . . (read more)

SASC investigation finds Chinese intrusions into key defense contractors (Senate Armed Services Committee press release)

Hackers associated with the Chinese government successfully penetrated the computer systems of U.S. Transportation Command contractors at least 20 times in a single year, intrusions that show vulnerabilities in the military’s system to deploy troops and equipment in a crisis, a Senate Armed Services Committee investigation has found. . . . (read more)

REPORT: Inquiry into Cyber Intrusions Affecting US Transportation Command (pdf)


Threats are Out There