US defense programs target of China cyber threat

May 29, 2013 by Lolita C. Baldor

New revelations that China used cyberattacks to access data from nearly 40 U.S. weapons programs and almost 30 other defense technologies have increased pressure on American leaders to take more strident action against Beijing to stem the persistent breaches.

The disclosure, which was included in a Defense Science Board report released earlier this year but is only now being discussed publicly, comes as Defense Secretary Chuck Hagel heads to , where he will discuss the escalating cyberthreat with counterparts from a number of area nations.

While officials have been warning for years about China's cyber espionage efforts aimed at U.S. military and high-tech programs, the breadth of the list underscored how routine the attacks have become. And, as the U.S. looks to grow its military presence in the Asia Pacific, it heightens worries that China can use the information to blunt America's military superiority and keep pace with emerging technologies.

"It introduces uncertainty on how well the weapons may work, and it means we may have to redo ," said James Lewis, a cybersecurity expert at the Center for Strategic and International Studies. "If they know how it works precisely, they will be able to evade it and figure out how to better beat our systems."

A chart included in the science board's report laid out what it called a partial list of 37 breached programs, which included the Terminal High Altitude Area Defense weapon—a land-based that was recently deployed to Guam to help counter the North Korean threat. Other programs include the F-35 Joint Strike Fighter, the F-22 Raptor , and the hybrid MV-22 Osprey, which can take off and land like a helicopter and fly like an airplane.

The report also listed another 29 broader defense technologies that have been compromised, including drone video systems and high-tech avionics. The information was gathered more than two years ago, so some of the data is dated and a few of the breaches—such as the F-35—had actually already become public.

The details of the breaches were first reported by The Washington Post.

According to a defense official, the report is based on more than 50 briefings that members of the board's task force received from senior leaders in the Pentagon, the State Department, the intelligence community, national laboratories and business. The official was not authorized to discuss the report publicly so spoke on condition of anonymity.

U.S. officials have been far more open about discussing the China cyberattacks over the past year or two, beginning with a November 2011 report by U.S. intelligence agencies that accused China of systematically stealing American high-tech data for its own national economic gain. The Pentagon, meanwhile, in its latest report on China's military power, asserted publicly for the first time that Beijing's military was likely behind computer-based attacks targeting federal agencies.

"In 2012, numerous computer systems around the world, including those owned by the U.S. government, continued to be targeted for intrusions, some of which appear to be attributable directly to the Chinese government and military," said the report, which was released earlier this month.

In Beijing on Wednesday, Assistant Foreign Minister Zheng Zeguang did not directly address the allegations, but said that China opposes all hacking and referred to an agreement with the U.S. to form a cybercrime working group.

Cybersecurity experts have for some time been urging the U.S. government to use sanctions or other punishments against China for the breaches.

The benefits to the cyber espionage are high and the costs are low, said Shawn Henry, former cyber director at the FBI and now president of CrowdStrike Services, a security technology company.

"There is no cost, there are no sanctions, no diplomatic actions, no financial disincentives," said Henry, adding that the U.S. intellectual property losses are in the hundreds of millions of dollars. He said that the U.S. needs to have a discussion with Chinese leaders about "what the red lines are and what the repercussions will be for crossing those red lines."

U.S. leaders, including President Barack Obama, however, have instead been using the bully pulpit to increase pressure on the Chinese to confront the problem. Obama is expected to raise the issue with China's new leader Xi Jinping during a summit next month in Southern California.

Pentagon Press Secretary George Little said Tuesday that the Pentagon maintains "full confidence in our weapons platforms," adding that the department has taken a number of steps to strengthen its network defenses and monitor for threats.

Defense contractors, meanwhile, declined to say whether their systems had been breached. But recent filings to shareholders indicate these companies see intrusions as a serious risk to their business, particularly when they must rely on third-party suppliers.

In its most recent annual report, Lockheed Martin—a primary contractor on missile defense programs—told shareholders that prior cyberattacks "have not had a material impact on our financial results," and that it believed its security efforts were adequate.

However, suppliers and subcontractors have "varying levels of cybersecurity expertise and safeguards and their relationships with government contractors, such as Lockheed Martin may increase the likelihood that they are targeted by the same cyber threats we face," according to the 2012 report.

In a statement emailed to reporters on Tuesday, Lockheed Martin said it has made "significant investments" in cybersecurity and that the company was trying to secure its supply chain given that "program information resides in a large cyber ecosystem."

Similar risk disclosures to shareholders have been made recently by Northrop Grumman, Boeing and Raytheon. For example, Northrop Grumman wrote in its 2012 annual report that cyber intrusions "could damage our reputation and lead to financial losses from remedial actions, loss of business or potential liability."

Company spokesman Randy Belote on Tuesday declined to say whether Northrop Grumman's systems had been breached, citing company policy. But, he added, "the number of attempts to breach our networks (is) increasing at an alarming rate."

Explore further: Twitter takes note of other apps on smartphones

5 /5 (3 votes)
add to favorites email to friend print save as pdf

Related Stories

Pentagon: Chinese government waging cyberattacks

May 06, 2013

(AP)—The Pentagon for the first time used its annual report on China to directly assert that Beijing's government and military have conducted computer-based attacks against the U.S., including efforts to steal information ...

US weighs tougher action over China cyberattacks

Feb 01, 2013

(AP)—High-level talks with the Chinese government to address persistent cyberattacks against U.S. companies and government agencies haven't worked, so officials say the Obama administration is now considering a range of ...

Cyberattacks a growing irritant in US-China ties

May 08, 2013

(AP)—Signs are growing that the sustained surge in cyberattacks emanating from China is imperiling its relations with the U.S., lending urgency to fledgling efforts by both governments to engage on the ...

US urges China collaboration on cyber intrusions

Apr 24, 2013

(AP)—The top U.S. military officer said Wednesday that he has called on China to be more transparent about cyberattacks and boost collaboration with the U.S. to tackle a common threat to their economies.

Recommended for you

UN moves to strengthen digital privacy (Update)

Nov 25, 2014

The United Nations on Tuesday adopted a resolution on protecting digital privacy that for the first time urged governments to offer redress to citizens targeted by mass surveillance.

Spotify turns up volume as losses fall

Nov 25, 2014

The world's biggest music streaming service, Spotify, announced Tuesday its revenue grew by 74 percent in 2013 while net losses shrank by one third, in a year of spectacular expansion.

Virtual money and user's identity

Nov 25, 2014

Bitcoin is the new money: minted and exchanged on the Internet. Faster and cheaper than a bank, the service is attracting attention from all over the world. But a big question remains: are the transactions ...

User comments : 2

Adjust slider to filter visible comments by rank

Display comments: newest first

John1948
1 / 5 (1) May 29, 2013
As if the US doesn't hack Chinese systems. Not to mention maintaining a military posture which could deny China access to the open ocean. Give it a decade and there will be Chinese aircraft carriers 13 miles off the California coast - just to encourage negotiations, of course.
geokstr
1 / 5 (1) May 30, 2013
What does the US gain by hacking Chinese systems - the secret sauce recipe for better Kung Pao Chicken?

Hacking doesn't really do a lot of good going down the technology food chain. However, you can save trillions of dollars in research costs stealing your way up that chain, while making it appear you spend so much less on that multi-million man standing army you pay two handfuls of rice a day.

I'll bet you can't wait for those Chinese aircraft carriers soon, since you obviously hate the United States and believe it to be responsible for all the evil in the world. Be careful what you wish for. China doesn't believe in the rights you take for granted.

Please sign in to add a comment. Registration is free, and takes less than a minute. Read more

Click here to reset your password.
Sign in to get notified via email when new comments are made.