Chinese cyberattacks hit key US weapons systems. Are they still reliable?
A new report suggests that many advanced US weapons systems have been hacked, and experts say China was behind the cyberattacks. If there were a war with China, the weapons might not be reliable.
(Page 2 of 2)
The unclassified version of the Defense Science Board report cited cyber vulnerabilities in “systems that are used to support and operate those weapons or critical IT capabilities embedded within them.”Skip to next paragraph
In Pictures US military muscle
Subscribe Today to the Monitor
What the pair of reports, along with the emergence of the restricted list, suggests is a wholesale loss of integrity and introduction of new levels of potential vulnerability of those weapons systems to Chinese military hackers, defense policy and cybersecurity experts told the Monitor.
“All the stuff on this list is extremely sensitive – it’s like the kitchen sink,” says Kenneth Flamm, a technology expert at the Pentagon during the Clinton administration, and now an economist at the University of Texas at Austin. “It raises serious questions about whether we can rely on these systems.”
The list includes systems compromised during an ongoing Chinese cyberespionage campaign that began in late 1990s. Its first significant successes came in 2002-03 and peaked in 2007, when the hackers got into at least five federal agencies, including the Defense Department, Commerce Department, State Department, NASA, and the Energy Department, says James Lewis, a senior fellow and cybersecurity expert with the Center for Strategic and International Studies, a Washington think tank.
About that time, government officials started to get serious about cybersecurity, and the incoming Obama administration also kicked off in 2008 a strategic review of cybersecurity. Since 2009, the Pentagon’s cybersecurity has been vastly improved, Dr. Lewis says.
“A lot of these cyberthefts happened before the Obama program kicked in,” Lewis adds. “But we still can’t rest easy, because we don’t know what they got and what they did while they were inside these networks.”
Software can make up perhaps one-third of the value of weapons systems like the Patriot missile and other system, he notes. Software for other systems on the list may now need an overhaul in order to ensure their integrity, he notes.
“If they got into the software code and left something behind, we’ve got a serious problem,” he says. “How do we know? We don’t. So the answer is that we have to redo the system to be sure it isn’t compromised.”
For its part, China regularly denies cyberespionage charges – and claims it, too, is a victim. But the emergence of the list comes amid heightened tensions between the US and China over charges of rampant cyberespionage by China against US defense industry, energy systems, and other economic targets.
In discussing an April visit to China by Gen. Martin Dempsey, chairman of the Joint Chiefs of Staff, Defense Secretary Chuck Hagel called cyberattacks “the greatest threat to our security – economic security, political security, diplomatic security, military security – that confronts us.”
During the visit, a top Chinese military officer, Gen. Fang Fenghui, seemed to concur, saying of cyberinsecurity that “the damaging consequences it causes may be as serious as a nuclear bomb.”