WASHINGTON (Reuters) – Hackers associated with the Chinese government have repeatedly infiltrated the computer systems of US airlines, technology companies and other contractors involved in the movement of US troops and military equipment, a US Senate panel has found.
The Senate Armed Services Committee’s year-long probe, concluded in March but made public yesterday, found the military’s US Transportation Command, or Transcom, was aware of only two out of at least 20 such cyber intrusions within a single year.
The investigation also found gaps in reporting requirements and a lack of information sharing among US government entities. That in turn left the US military largely unaware of computer compromises of its contractors.
“These peacetime intrusions into the networks of key defense contractors are more evidence of China’s aggressive actions in cyberspace,” Democratic Senator Carl Levin of Michigan, the committee’s chairman, said in releasing the report.
Officials with the Chinese Embassy in Washington did not immediately comment.
Cybersecurity expert Dmitri Alperovitch, chief technology officer with the security firm Crowdstrike, said China had for years shown a keen interest in the logistical patterns of the US military.
The investigation focused on the US military’s ability to seamlessly tap civilian air, shipping and other transportation assets for tasks including troop deployments and the timely arrival of supplies from food to ammunition to fuel.
Those companies typically do not have the level of defence against hackers as major weapons makers or the military itself.
“The military uses secret or top-secret networks that are not on the Internet, but private companies do not,” said Alperovitch. “That’s a real challenge.”
The FBI said in a statement that it “continues to aggressively investigate cyber intrusions emanating from state-sponsored actors and other criminals.
“We remain committed to working with our interagency partners to identify threats, protect the nation’s infrastructure from potential harm, and hold accountable those groups and individuals that pose a threat in cyberspace,” the statement added.
In a 12-month period beginning June 1, 2012, there were about 50 intrusions or other cyber events into the computer networks of Transcom contractors, the 52-page report stated. At least 20 of those were successful intrusions attributed to an “advanced persistent threat,” a term used to designate sophisticated threats commonly associated with attacks against governments. All of those intrusions were attributed to China.
Senator Jim Inhofe of Oklahoma, the committee’s top Republican, called for a “central clearinghouse” that makes it easy for contractors to report suspicious cyber activity.