Modern field guide to security and privacy

Chinese hackers penetrating key computer networks for Pentagon

A Senate investigation focused on the ‘sophisticated’ cyberincursions into the computer systems of contractors for US Transportation Command, which plays a crucial role in the military’s response to global crises.

Hackers from the Chinese military have repeatedly penetrated key computer networks for the Pentagon, potentially compromising US military operations, warns a newly declassified Senate investigation.

One year in the making, the bipartisan report, released Wednesday, focused on the “sophisticated” cyberincursions into the computer systems of contractors for US Transportation Command.

While TRANSCOM is one of the lesser-known and seemingly less-captivating commands, it is integral to the mobilization and deployment of US military forces and plays a crucial role in the military’s response to crises around the world.

“What we found is very disturbing,” Sen. Carl Levin (D) of Michigan and chairman of the Senate Armed Services Committee, said Wednesday in a briefing with reporters. 

In a 12-month period beginning in June 2012, there were at least 20 sophisticated cyberincursions into contractor systems, all of which “originated with the Chinese government,” Senator Levin said, adding that the Chinese military stole documents, flight details, and passwords from encrypted e-mails.

These cyberattacks have the “potential to impact military operations,” since the private sector plays “a crucial role” in US military force mobilization and deployment, according to the report.

Roughly 90 percent of the Pentagon’s ability to transport troops, for example, and more than one-third of its bulk cargo capability are supplied by private airlines, which are particularly vulnerable to these attacks.

This is in large part because the “overwhelming majority” of Defense Department deployment and distribution records – more than 90 percent – are kept on unclassified computer systems.

While that news is “bad enough,” Levin said that a second key finding of the investigation “is, frankly, just as disturbing.”

This is the realization that the vast majority of cyberattacks simply aren’t being reported by the government contractors. In the rare event they are, that news “isn’t getting to where it needs to go in order to protect the security of US military operations,” he said.

The report found that of 20 major security breaches into the computer systems of contractors investigated by Senate staffers, TRANSCOM was made aware of only two and “was in the dark about the vast majority of intrusions.”

The problem is that there is not a clear mechanism for the private sector to report these intrusions, said Sen. James Inhofe (R) of Oklahoma and the ranking member of the Senate Armed Services Committee, at the briefing with reporters.

New bipartisan measures sponsored by both senators will create a “clearinghouse” for private contractors to report these computer incursions, which will relieve contractors “of some of the responsibility for inadvertently not reporting [cyberattacks] when they should be reported,” Senator Inhofe noted. “These are serious offenses.”

Director of National Intelligence James Clapper recently warned that cybertheft “is almost certainly allowing our adversaries to close the technological gap between our respective militaries.”

What’s more, the report warns, US officials who study Chinese military planning have raised the alarm that China could use cyberattacks to keep US troops from deploying during a vital operation – by using cyberincursions to corrupt information that relates to supplies or troop convoys, for example.

The problem, Levin said – paraphrasing recent remarks from Gen. Martin Dempsey, chairman of the Joint Chiefs of Staff – is that “we can’t stop a cyberattack unless we see it.”

You've read  of  free articles. Subscribe to continue.

Dear Reader,

About a year ago, I happened upon this statement about the Monitor in the Harvard Business Review – under the charming heading of “do things that don’t interest you”:

“Many things that end up” being meaningful, writes social scientist Joseph Grenny, “have come from conference workshops, articles, or online videos that began as a chore and ended with an insight. My work in Kenya, for example, was heavily influenced by a Christian Science Monitor article I had forced myself to read 10 years earlier. Sometimes, we call things ‘boring’ simply because they lie outside the box we are currently in.”

If you were to come up with a punchline to a joke about the Monitor, that would probably be it. We’re seen as being global, fair, insightful, and perhaps a bit too earnest. We’re the bran muffin of journalism.

But you know what? We change lives. And I’m going to argue that we change lives precisely because we force open that too-small box that most human beings think they live in.

The Monitor is a peculiar little publication that’s hard for the world to figure out. We’re run by a church, but we’re not only for church members and we’re not about converting people. We’re known as being fair even as the world becomes as polarized as at any time since the newspaper’s founding in 1908.

We have a mission beyond circulation, we want to bridge divides. We’re about kicking down the door of thought everywhere and saying, “You are bigger and more capable than you realize. And we can prove it.”

If you’re looking for bran muffin journalism, you can subscribe to the Monitor for $15. You’ll get the Monitor Weekly magazine, the Monitor Daily email, and unlimited access to CSMonitor.com.