Chinese hackers associated with the Chinese government have successfully infiltrated the computer systems of U.S. defense contractors working with the government agency responsible for the transportation of military troops and goods across the globe, a Senate investigators have found.
The Senate Armed Services Committee has been investigating the issue for the past year and found that the U.S. Military's Transportation Command (TRANSCOM) has been infiltrated at least 20 times in a single year, out of which only two were detected. This is probably the most serious allegation yet against China.
The successful intrusions attributed to an “advanced persistent threat,” a term used to designate sophisticated threats commonly associated with governments. All of those intrusions were attributed to China, the report stated.
The investigation was conducted in the 12 months period from June 2012 to June 2013 based on information provided by the Federal Bureau of Investigations (FBI), Defense Security Services (DoD), Defense Cyber Crime Centre, and the US Air Force and 11 contractors.
The details of allegations on China were made public by the committee on Wednesday in a press release titled, SASC investigation finds Chinese intrusions into key defense contractors. The committee also found dramatic gaps in reporting requirements and a lack of information sharing among U.S. government entities.
This poor coordination between the firms and U.S. agencies left the U.S. military’s TRANSCOM virtually in dark about the computer compromises of its contractors that, according to committee, are key to the mobilization and deployment of U.S. military forces.
It further criticized the reporting structure and said the FBI and Department of Defence (DoD) knew about the intrusions but did not tell the Pentagon of nine separate intrusions of TRANSCOM contractors and other agencies within the Department.
“These peacetime intrusions into the networks of key defense contractors are more evidence of China’s aggressive actions in cyberspace,” said Sen. Carl Levin, D-Mich., the committee’s chairman. “Our findings are a warning that we must do much more to protect strategically significant systems from attack and to share information about intrusions when they do occur.”
The committee investigation focused on the U.S. military's ability to tap into civilian air, shipping and other transportation assets to rapidly deployments of U.S. forces in times of crisis.
The committee's top Republican, Jim Inhofe, demanded a "central clearinghouse" that makes it easy for critical contractors, particularly small businesses, to report suspicious cyber activity "without adding a burden to their mission support operations."
The investigation found intrusions including the compromise of email accounts, documents, user passwords and computer code. Also it found the intrusion by the Chinese military into the networks of Civil Reserve Air Fleet (CRAF) under which contractors lost documents, flight details, credentials and its email encryption key, while systems on a TRANSCOM contractor ship were hacked multiple times.
The committee upgraded its version of the National Defense Authorisation Act for Fiscal Year 2015 to direct the Secretary of Defense to tighten up the reporting gaps and improve the way in which the Department disseminates inform about cyber intrusions into the computer networks of operationally critical contractors.