Chinese hackers believed to be linked to Beijing conducted dozens of cyberattacks on US defence contractors between 2012 and 2013, potentially compromising military operations, a congressional probe warned Wednesday. A study by the Senate Armed Services Committee found that hackers gained access to systems run by companies doing contract work for the US Transportation Command (TRANSCOM) at least 50 times in a one-year period ending May 30, 2013.
"Of those 50, at least 20 were successful intrusions into contractor networks attributed to an 'advanced persistent threat' (APT), a term used to distinguish sophisticated cyber threats that are frequently associated with foreign governments," the report warned. The report, as well as committee chairman Senator Carl Levin, attributed all 20 APTs to China.
"The security of our military operations is what is at stake," Levin told reporters as he unveiled a de-classified version of the report. The probe uncovered dramatic gaps in reporting requirements by the companies, and poor co-ordination between the firms and US agencies like the Federal Bureau of Investigation that left TRANSCOM virtually in the dark about the intrusions. Of the 20 major breaches, TRANSCOM had been made aware of just two of them, a "troubling finding" according to the report. "Information about these threats isn't getting where it needs to go," Levin said.
Some 90 percent of US military personnel are transported on private airlines, and Senator James Inhofe, the committee's top Republican, warned that the hacks had the potential to "disrupt our mission readiness" by compromising such companies, particularly during national emergencies.
Investigators studied the little-known Civil Reserve Air Fleet program through which commercial companies help TRANSCOM move troops and equipment around the world. A committee staffmember said such firms might let down their guard or slow their reporting of cyber intrusions during peacetime, allowing Chinese hackers to crack into their systems and lie in wait until a US military emergency arises. The hacking has apparently occurred for years. Between 2008 and 2010, for example, a "Chinese military intrusion" into a TRANSCOM contractor compromised emails, documents, computer code and passwords, the report said.
In 2012, there was a similar intrusion into several systems onboard a commercial ship contracted by TRANSCOM. As a result of the findings, the committee said, lawmakers have inserted requirements in the 2015 defense spending bill that streamline the information process about cyberattacks and tighten reporting procedures for defense contractors.