Chinese cyberattacks hit key US weapons systems. Are they still reliable?

A new report suggests that many advanced US weapons systems have been hacked, and experts say China was behind the cyberattacks. If there were a war with China, the weapons might not be reliable.

|
Devon Ravine/Northwest FloridaDaily/AP
US Marine Corps Sgt. Robert Coates monitors the 'hot' refueling of an F-35B Lightning II joint strike fighter at Eglin Air Force Base in Fort Walton Beach, Fla., last week. A confidential report by the Defense Science Board says that files on many of the nation's most expensive weapons systems, including the F-35, have been accessed by Chinese hackers.

Dozens of key US weapons system designs and technologies have been compromised by Chinese hackers, creating fresh uncertainty over America’s warfighting capabilities in any future conflict in Asia, according to a defense advisory group study and defense policy experts.

The laundry list of US weapons systems whose files have been accessed during the past decade by Chinese hackers includes some of the nation’s most expensive and exotic programs. The list was contained in a confidential version of a Defense Science Board report, according to The Washington Post.

The list includes the Terminal High Altitude Area Defense missile system, the V-22 Osprey tilt-rotor aircraft, Patriot Advanced Capability-3 antimissile system, along with the Global Hawk unmanned aerial vehicle, the Aegis ballistic missile defense system, and the F-35 Joint Strike Fighter.

The long-term impact, experts say, could be to give China an edge in any confrontation as well as speeding deployment of advanced military technology that will cost it billions less to develop, defense experts say.

The unclassified version of the Defense Science Board report entitled, “Resilient Military Systems and the Advanced Cyber Threat,” which did not contain the list and barely mentions China, was released in January. But defense officials, speaking anonymously, told the Post that Chinese hackers are behind the attacks on most of the systems on the list in the restricted version.

“The Defense Science Board, a senior advisory group made up of government and civilian experts, did not accuse the Chinese of stealing the designs,” the newspaper reported. “But senior military and industry officials with knowledge of the breaches said that the vast majority were part of a widening Chinese campaign of espionage against US defense contractors and government agencies.”

Earlier this month, the Pentagon went on record with another report, this one to Congress, saying that Chinese cyberespionage of weapons systems is a key part of China’s effort to vault itself forward. That report for the first time specifically cited China’s government and military as directly responsible for cyberthefts involving US weapons systems.

“China is using its computer network exploitation capability to support intelligence collection against the US diplomatic, economic, and defense industrial base sectors that support US national defense programs,” the unusually blunt report to Congress said. “The information targeted could potentially be used to benefit China’s defense industry, high technology industries, policymaker interest in US leadership thinking on key China issues, and military planners building a picture of US network defense networks, logistics, and related military capabilities that could be exploited during a crisis.”

The unclassified version of the Defense Science Board report cited cyber vulnerabilities in “systems that are used to support and operate those weapons or critical IT capabilities embedded within them.”

What the pair of reports, along with the emergence of the restricted list, suggests is a wholesale loss of integrity and introduction of new levels of potential vulnerability of those weapons systems to Chinese military hackers, defense policy and cybersecurity experts told the Monitor.

“All the stuff on this list is extremely sensitive – it’s like the kitchen sink,” says Kenneth Flamm, a technology expert at the Pentagon during the Clinton administration, and now an economist at the University of Texas at Austin. “It raises serious questions about whether we can rely on these systems.”

The list includes systems compromised during an ongoing Chinese cyberespionage campaign that began in late 1990s. Its first significant successes came in 2002-03 and peaked in 2007, when the hackers got into at least five federal agencies, including the Defense Department, Commerce Department, State Department, NASA, and the Energy Department, says James Lewis, a senior fellow and cybersecurity expert with the Center for Strategic and International Studies, a Washington think tank.

About that time, government officials started to get serious about cybersecurity, and the incoming Obama administration also kicked off in 2008 a strategic review of cybersecurity. Since 2009, the Pentagon’s cybersecurity has been vastly improved, Dr. Lewis says.

“A lot of these cyberthefts happened before the Obama program kicked in,” Lewis adds. “But we still can’t rest easy, because we don’t know what they got and what they did while they were inside these networks.”

Software can make up perhaps one-third of the value of weapons systems like the Patriot missile and other system, he notes. Software for other systems on the list may now need an overhaul in order to ensure their integrity, he notes.

“If they got into the software code and left something behind, we’ve got a serious problem,” he says. “How do we know? We don’t. So the answer is that we have to redo the system to be sure it isn’t compromised.”

For its part, China regularly denies cyberespionage charges – and claims it, too, is a victim. But the emergence of the list comes amid heightened tensions between the US and China over charges of rampant cyberespionage by China against US defense industry, energy systems, and other economic targets.

In discussing an April visit to China by Gen. Martin Dempsey, chairman of the Joint Chiefs of Staff, Defense Secretary Chuck Hagel called cyberattacks “the greatest threat to our security – economic security, political security, diplomatic security, military security – that confronts us.”

During the visit, a top Chinese military officer, Gen. Fang Fenghui, seemed to concur, saying of cyberinsecurity that “the damaging consequences it causes may be as serious as a nuclear bomb.”

You've read  of  free articles. Subscribe to continue.
Real news can be honest, hopeful, credible, constructive.
What is the Monitor difference? Tackling the tough headlines – with humanity. Listening to sources – with respect. Seeing the story that others are missing by reporting what so often gets overlooked: the values that connect us. That’s Monitor reporting – news that changes how you see the world.

Dear Reader,

About a year ago, I happened upon this statement about the Monitor in the Harvard Business Review – under the charming heading of “do things that don’t interest you”:

“Many things that end up” being meaningful, writes social scientist Joseph Grenny, “have come from conference workshops, articles, or online videos that began as a chore and ended with an insight. My work in Kenya, for example, was heavily influenced by a Christian Science Monitor article I had forced myself to read 10 years earlier. Sometimes, we call things ‘boring’ simply because they lie outside the box we are currently in.”

If you were to come up with a punchline to a joke about the Monitor, that would probably be it. We’re seen as being global, fair, insightful, and perhaps a bit too earnest. We’re the bran muffin of journalism.

But you know what? We change lives. And I’m going to argue that we change lives precisely because we force open that too-small box that most human beings think they live in.

The Monitor is a peculiar little publication that’s hard for the world to figure out. We’re run by a church, but we’re not only for church members and we’re not about converting people. We’re known as being fair even as the world becomes as polarized as at any time since the newspaper’s founding in 1908.

We have a mission beyond circulation, we want to bridge divides. We’re about kicking down the door of thought everywhere and saying, “You are bigger and more capable than you realize. And we can prove it.”

If you’re looking for bran muffin journalism, you can subscribe to the Monitor for $15. You’ll get the Monitor Weekly magazine, the Monitor Daily email, and unlimited access to CSMonitor.com.

QR Code to Chinese cyberattacks hit key US weapons systems. Are they still reliable?
Read this article in
https://www.csmonitor.com/USA/Military/2013/0528/Chinese-cyberattacks-hit-key-US-weapons-systems.-Are-they-still-reliable
QR Code to Subscription page
Start your subscription today
https://www.csmonitor.com/subscribe