[Vision2020] Time For Legislators With Guts To Fix The Internet

Art Deco art.deco.studios at gmail.com
Tue May 28 08:00:51 PDT 2013


------------------------------
   Confidential report lists U.S. weapons system designs compromised by
Chinese cyberspies By Ellen
Nakashima<http://www.washingtonpost.com/ellen-nakashima/2011/03/02/ABdt4sM_page.html>,
Published: May 27

Designs for many of the nation’s most sensitive advanced weapons systems
have been compromised by Chinese hackers, according to a report prepared
for the Pentagon and to officials from government and the defense industry.

Among more than two dozen major weapons systems whose designs were breached
were programs critical to U.S. missile defenses and combat aircraft and
ships, according to a previously undisclosed section of a confidential
report prepared for Pentagon leaders by the Defense Science Board.

Experts warn that the electronic intrusions gave China access to advanced
technology that could accelerate the development of its weapons systems and
weaken the U.S. military advantage in a future conflict.

The Defense Science Board, a senior advisory group made up of government
and civilian experts, did not accuse the Chinese of stealing the designs.
But senior military and industry officials with knowledge of the breaches
said the vast majority were part of a widening Chinese campaign of
espionage against U.S. defense contractors and government agencies.

The significance and extent of the targets help explain why the Obama
administration has escalated its warnings to the Chinese government to stop
what Washington sees as rampant cyber­theft.

In January, the advisory panel warned in the public version of its
report<http://www.acq.osd.mil/dsb/reports/ResilientMilitarySystems.CyberThreat.pdf>that
the Pentagon is unprepared to counter a full-scale cyber-conflict. The
list of compromised weapons designs is contained in a confidential version,
and it was provided to The Washington Post.

Some of the weapons form the backbone of the Pentagon’s regional missile
defense for Asia, Europe and the Persian Gulf. The designs included those
for the advanced Patriot missile system, known as PAC-3; an Army system for
shooting down ballistic missiles, known as the Terminal High Altitude Area
Defense, or THAAD; and the Navy’s Aegis ballistic-missile defense system.

Also identified in the report are vital combat aircraft and ships,
including the F/A-18 fighter jet, the V-22 Osprey, the Black Hawk
helicopter and the Navy’s new Littoral Combat Ship, which is designed to
patrol waters close to shore.

Also on the list is the most expensive weapons system ever built — the F-35
Joint Strike Fighter, which is on track to cost about $1.4 trillion. The 2007
hack of that project
<http://online.wsj.com/article/SB124027491029837401.html.html>was reported
previously.

China, which is pursuing a comprehensive long-term strategy to modernize
its military, is investing in ways to overcome the U.S. military advantage
— and cyber-espionage is seen as a key tool in that effort, the Pentagon
noted this month in a report to Congress on China. For the first time,
the Pentagon
specifically named the Chinese government and
military<http://washingtonpost.com/world/national-security/pentagon-chinese-government-military-behind-cyberspying/2013/05/06/f4851618-b694-11e2-b94c-b684dda07add_story.html>as
the culprit behind intrusions into government and other computer
systems.

As the threat from Chinese cyber-espionage has grown, the administration
has become more public with its concerns. In a speech in March, Thomas
Donilon<http://www.washingtonpost.com/world/national-security/us-publicly-calls-on-china-to-stop-commercial-cyber-espionage-theft-of-trade-secrets/2013/03/11/28b21d12-8a82-11e2-a051-6810d606108d_story.html>,
the national security adviser to President Obama, urged China to control
its cyber-activity. In its public criticism, the administration has avoided
identifying the specific targets of hacking.

But U.S. officials said several examples were raised privately with senior
Chinese government representatives in a four-hour meeting a year ago. The
officials, who spoke on the condition of anonymity to describe a closed
meeting, said senior U.S. defense and diplomatic officials presented the
Chinese with case studies detailing the evidence of major intrusions into
U.S. companies, including defense contractors.

In addition, a recent classified National Intelligence
Estimate<http://tinyurl.com/c66dlfz>on economic cyber-espionage
concluded that China was by far the most active
country in stealing intellectual property from U.S. companies.

The Chinese government insists that it does not conduct ­cyber-
espionage on U.S. agencies or companies, and government spokesmen often
complain that Beijing is a victim of U.S. cyberattacks.

Obama is expected to raise the issue when he meets with Chinese President
Xi Jinping next month in California.

A spokesman for the Pentagon declined to discuss the list from the science
board’s report. But the spokesman, who was not authorized to speak on the
record, said in an e-mail, “The Department of Defense has growing concerns
about the global threat to economic and national security from persistent
cyber-intrusions aimed at the theft of intellectual property, trade secrets
and commercial data, which threatens the competitive edge of U.S.
businesses like those in the Defense Industrial Base.”

The confidential list of compromised weapons system designs and
technologies represents the clearest look at what the Chinese are suspected
of targeting. When the list was read to independent defense experts, they
said they were shocked by the extent of the cyber-espionage and the
potential for compromising U.S. defenses.

“That’s staggering,” said Mark Stokes, executive director of the Project
2049 Institute, a think tank that focuses on Asia security issues. “These
are all very critical weapons systems, critical to our national security.
When I hear this in totality, it’s breathtaking.”

The experts said the cybertheft creates three major problems. First, access
to advanced U.S. designs gives China an immediate operational edge that
could be exploited in a conflict. Second, it accelerates China’s
acquisition of advanced military technology and saves billions in
development costs. And third, the U.S. designs can be used to benefit
China’s own defense industry. There are long-standing suspicions that
China’s theft of designs for the F-35 fighter allowed Beijing to develop
its version much faster.

“You’ve seen significant improvements in Chinese military capabilities
through their willingness to spend, their acquisitions of advanced Russian
weapons, and from their cyber-espionage campaign,” said James A. Lewis, a
cyber-policy expert at the Center for Strategic and International Studies.
“Ten years ago, I used to call the PLA [People’s Liberation Army] the
world’s largest open-air military museum. I can’t say that now.”

The public version of the science board report noted that such
cyber-espionage and cyber-sabotage could impose “severe consequences for
U.S. forces engaged in combat.” Those consequences could include severed
communication links critical to the operation of U.S. forces. Data
corruption could misdirect U.S. operations. Weapons could fail to operate
as intended. Planes, satellites or drones could crash, the report said.

In other words, Stokes said, “if they have a better sense of a THAAD design
or PAC-3 design, then that increases the potential of their ballistic
missiles being able to penetrate our or our allies’ missile defenses.”

Winslow T. Wheeler, director of the Straus Military Reform Project at the
Project on Government Oversight, made a similar point. “If they got into
the combat systems, it enables them to understand it to be able to jam it
or otherwise disable it,” he said. “If they’ve got into the basic
algorithms for the missile and how they behave, somebody better get out a
clean piece of paper and start to design all over again.”

The list did not describe the extent or timing of the penetrations. Nor did
it say whether the theft occurred through the computer networks of the U.S.
government, defense contractors or subcontractors.

Privately, U.S. officials say that senior Pentagon officials are frustrated
by the scale of cybertheft from defense contractors, who routinely handle
sensitive classified data. The officials said concerns have been expressed
by Gen. Martin Dempsey, chairman of the Joint Chiefs of
Staff<http://www.washingtonpost.com/politics/gen-martin-dempsey/gIQA3FZdKP_topic.html>,
and Adm. James A. Winnefeld Jr., the vice
chairman<http://www.washingtonpost.com/politics/adm-james-a-winnefeld-jr/gIQAhRhSKP_topic.html>,
as well as Gen. Keith
Alexander<http://www.washingtonpost.com/politics/gen-keith-b-alexander/gIQA7gFTKP_topic.html>,
director of the National Security Agency.

“In many cases, they don’t know they’ve been hacked until the FBI comes
knocking on their door,” said a senior military official who was not
authorized to speak on the record. “This is billions of dollars of combat
advantage for China. They’ve just saved themselves 25 years of research and
development. It’s nuts.”

In an attempt to combat the problem, the Pentagon launched a pilot program
two years ago to help the defense industry shore up its computer defenses,
allowing the companies to use classified threat data from the National
Security Agency to screen their networks for malware. The Chinese began to
focus on subcontractors, and now the government is in the process of
expanding the sharing of threat data to more defense contractors and other
industries.

An effort to change defense contracting rules to require companies to
secure their networks or risk losing Pentagon business stalled last year.
But the 2013 Defense Authorization Act has a provision that requires
defense contractors holding classified clearances to report intrusions into
their networks and allow access to government investigators to analyze the
breach.

The systems on the science board’s list are built by a variety of top
defense contractors, including
Boeing<http://washpost.bloomberg.com/marketnews/stockdetail/?symbol=BA>,
Lockheed Martin<http://washpost.bloomberg.com/marketnews/stockdetail/?symbol=LMT>,
Raytheon <http://washpost.bloomberg.com/marketnews/stockdetail/?symbol=RTN>and
Northrop
Grumman<http://washpost.bloomberg.com/market-news/stockdetail?symbol=NOC:US>.
None of the companies would comment about whether their systems have been
breached.

But Northrop Grumman spokes­man Randy Belote acknowledged the company “is
experiencing greater numbers of attempts to penetrate its computer
networks” and said the firm is “vigilant” about protecting its networks.

A Lockheed Martin official said the firm is “spending more time helping
deal with attacks on the supply chain” of partners, subcontractors and
suppliers than dealing with attacks directly against the company. “For now,
our defenses are strong enough to counter the threat, and many attackers
know that, so they go after suppliers. But of course they are always trying
to develop new ways to attack.”

The Defense Science Board report also listed broad technologies that have
been compromised, such as drone video systems, nanotechnology, tactical
data links and electronic warfare systems — all areas where the Pentagon
and Chinese military are investing heavily.

“Put all that together — the design compromises and the technology theft —
and it’s pretty significant,” Stokes said.

* *


-- 
Art Deco (Wayne A. Fox)
art.deco.studios at gmail.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.fsr.com/pipermail/vision2020/attachments/20130528/25a77a81/attachment.html>


More information about the Vision2020 mailing list