Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

Report: Bad communication among defense agencies makes China hacks more dangerous

Tim Greene | Sept. 19, 2014
It's not just the fact that China has been hacking U.S. military contractors' networks, it's that the agencies discovering the breaches and the contractors themselves haven't been telling other agencies that need to know, a U.S. Senate report says.

It's not just the fact that China has been hacking U.S. military contractors' networks, it's that the agencies discovering the breaches and the contractors themselves haven't been telling other agencies that need to know, a U.S. Senate report says.

The report investigated just 11 out of more than 80 contractors hired by one U.S. military agency that are supposed to report cyber security incidents. The Senate Committee on Armed Services found 50 successful intrusions, including at least 20 attributable to advanced persistent threats (APT) placed by China, according to the report by the

Yet during the period investigated by the committee, of the 80 companies that were supposed to report incidents to the U.S. Transportation Command (TRANSCOM), only two reported any incidents at all.

While the APTs themselves pose a risk of stolen data, the further threat is that these compromised networks could be disrupted to compromise military operations in emergencies and therefore national security.

In some cases, TRANSCOM relies almost entirely on the support these private companies are hired to give. "For example, private airlines provide more than 90 percent of DOD's passenger movement capability and more than one-third of its bulk cargo capability," the report says.

As a result, the military also relies on these contractors' corporate networks to transmit sensitive information. "In addition the overwhelming majority of DOD deployments and distribution transactions occur over unclassified networks, many of which are owned by private companies," the report says.

So TRANSCOM would want to know whether its contractors' networks were compromised and potentially leaking data to China about civilian movement of troops and supplies. The report quotes the head of the Joint Chiefs of Staff Gen. Martin Dempsey as saying, "We can't stop an attack unless we can see it."

A lot of the problem is the various agencies don't communicate well with each other, according to the report.

TRANSCOM was told about just one of 20 advanced persistent threats that were successfully deployed in contractor networks.

Part of the problem is that the contractors and TRANSCOM aren't on the same page when it comes to what incidents the contractors must report. Another part is that other governmental agencies that may discover intrusions don't understand what TRANSCOM might need to know. A third part is that the agencies involved don't fully understand how they are allowed to share intrusion information.

Between June 1, 2012 and May 31, 2013 the FBI, Defense Security Service, Defense Cyber Crime Center or the Air Force Office of Special Investigations knew about at least 20 intrusions, but TRANSCOM knew about just two. TRANSCOM says information-sharing rules have prevented it from learning about intrusions, but the committee says it could find no such rules.

 

1  2  Next Page 

Sign up for CIO Asia eNewsletters.