Is a Chinese Hack on our Naval Weapons an Act of War?

It is long been a question of the point that a foreign hack for espionage and theft is an act of war with emphasis on our naval weapons programs or those of the Army or Air Force.

Cyber warfare is an issue few care about or have control over because data resides outside of our individual control but that is NOT the case when it comes to government. They are accountable for safeguarding networks and data.

After a hiatus of several years, Chinese state hackers are once again penetrating networks at a range of U.S. corporations in a campaign to steal secrets and leapfrog ahead in a race for global technology supremacy, cyber researchers say.

Companies in fields such as biomedicine, robotics, cloud computing and artificial intelligence have all been hit by cyber intrusions originating in China, the researchers say.

“It’s definitely accelerating. The trend is up,” said Dmitri Alperovitch, cofounder and chief technology officer at CrowdStrike, a threat intelligence firm based in Sunnyvale, Calif.,

Chinese state hacking teams linked to the People’s Liberation Army and the Ministry of State Security are becoming visible on U.S. networks again, although they are using new methods to remain undetected, researchers said.

“In the last few months, we’ve definitely seen … a reemergence of groups that had appeared to have gone dormant for a while,” said Cristiana Brafman Kittner, principal analyst at FireEye, a cybersecurity firm that has tracked China hacking extensively.

The activity comes after a sharp drop in Chinese hacking that began in September 2015, when former President Barack Obama and Chinese leader Xi Jinping reached an agreement to end the hacking theft of commercial secrets. The agreement quelled U.S. anger over its charge that China is the “world’s most active and persistent perpetrator of economic espionage.”

U.S. prosecutors in 2014 indicted five PLA officers for economic espionage for hacking into firms like Westinghouse, U.S. Steel and Alcoa. The 56-page indictment said the five men worked for Unit 61398 of the PLA’s Third Department in Shanghai. The highly detailed complaint entered into details that U.S. officials later said were meant to “name and shame” China for commercial hacking.

Why China’s hackers may be getting back into the game is not readily clear. Renewed trade tensions may be a reason. President Donald Trump has threatened to impose $50 billion of tariffs on China-made products to cut the U.S. trade deficit of $375 billion with China.

Another factor may be the conclusion of a massive reorganization of China’s military, which began in late 2015 and under which various signals intelligence and cyber hacking units “were dissolved and absorbed into this one mega organization, called the Strategic Support Force,” said Priscilla Moriuchi, an expert on East Asia at Recorded Future, a cyber-threat intelligence firm based in Somerville, Mass.

China’s Xi has laid out ambitious goal of catching up with the United States and Europe in 10 key sectors, including aerospace, semiconductors and robotics, under its “Made in China 2025” program.

Moriuchi, who spent 12 years in the U.S. intelligence community, eventually leading the National Security Agency’s East Asia and Pacific cyber threats office, said China’s hackers are broadening tactics, burrowing into telecommunications networks even as they steal secrets to help party leaders achieve “Made in China 2025” goals.

“The sectors that they are going after are things like cloud computing, (Internet of Things), artificial intelligence, biomedicines, civilian space, alternative energy, robotics, rail, agricultural machinery, high-end medical devices,” Moriuchi said.

“There are companies in all of these sectors that have experienced intrusions over the past year from actors who are believed to be China state-sponsored,” she said.

Since early in the past decade, U.S. officials have alleged that Chinese state hackers were tasked with obtaining commercial secrets from Western corporations to help Chinese firms, many of them state-owned, overtake competitors to the global forefront in technology.

In a renewed warning alert for China, a March 22 report from the Office of the U.S. Trade Representative on China’s trade actions said, “Beijing’s cyber espionage against U.S. companies persists and continues to evolve.

So as you read about the stolen data from the Navy by China consider this: Should the NSA get inside the Chinese networks now and infect and or re-steal our intelligence?

Unmanned underwater vehicles take advantage of advanced ... photo

(Note: according to the Washington Post item below, the contractor is not named, however ‘Inside Defense’ in September of 2016 published an item that GD Electric Boat was awarded the $105.5 million contract modification moving it into the second phase.)

electric boat « Breaking Defense - Defense industry news ... photo

WaPo: Chinese government hackers have compromised the computers of a Navy contractor, stealing massive amounts of highly sensitive data related to undersea warfare — including secret plans to develop a supersonic anti-ship missile for use on U.S. submarines by 2020, according to American officials.

The breaches occurred in January and February, the officials said, speaking on the condition of anonymity to discuss an ongoing investigation. The hackers targeted a contractor who works for the Naval Undersea Warfare Center, a military organization headquartered in Newport, R.I., that conducts research and development for submarines and underwater weaponry.

The officials did not identify the contractor.

Taken were 614 gigabytes of material relating to a closely held project known as Sea Dragon, as well as signals and sensor data, submarine radio room information relating to cryptographic systems, and the Navy submarine development unit’s electronic warfare library.

The Washington Post agreed to withhold certain details about the compromised missile project at the request of the Navy, which argued that their release could harm national security.

The data stolen was of a highly sensitive nature despite being housed on the contractor’s unclassified network. The officials said the material, when aggregated, could be considered classified, a fact that raises concerns about the Navy’s ability to oversee contractors tasked with developing cutting-edge weapons.

The breach is part of China’s long-running effort to blunt the U.S. advantage in military technology and become the preeminent power in east Asia. The news comes as the Trump administration is seeking to secure Beijing’s support in persuading North Korea to give up nuclear weapons, even as tensions persist between the United States and China over trade and defense matters.

The Navy is leading the investigation into the breach with the assistance of the FBI, officials said. The FBI declined to comment.

On Friday, the Pentagon inspector general’s office said that Defense Secretary Jim Mattis had asked it to review contractor cybersecurity issues arising from The Post’s story.
Navy spokesman Cmdr. Bill Speaks said, “There are measures in place that require companies to notify the government when a ‘cyber incident’ has occurred that has actual or potential adverse effects on their networks that contain controlled unclassified information.”

Speaks said “it would be inappropriate to discuss further details at this time.”

Altogether, details on hundreds of mechanical and software systems were compromised — a significant breach in a critical area of warfare that China has identified as a priority, both for building its own capabilities and challenging those of the United States.

“It’s very disturbing,” said former Sen. Jim Talent (R-Mo.,) who is a member of the U.S. China Economic and Security Review Commission. “But it’s a of a piece with what the Chinese have been doing. They are completely focused on getting advanced weapons technology through all kinds of means. That includes stealing secrets from our defense contractors.” Talent had no independent knowledge of the breach.
Undersea priority

The Sea Dragon project is an initiative of a special Pentagon office stood up in 2012 to adapt existing U.S. military technologies to new applications. The Defense Department, citing classification levels, has released little information about Sea Dragon other than to say that it will introduce a “disruptive offensive capability” by “integrating an existing weapon system with an existing Navy platform.” The Pentagon has requested or used more than $300 million for the project since late 2015 and has said it plans to start underwater testing by September.

Military experts fear that China has developed capabilities that could complicate the Navy’s ability to defend U.S. allies in Asia in the event of a conflict with China.

The Chinese are investing in a range of platforms, including quieter submarines armed with increasingly sophisticated weapons and new sensors, Adm. Philip S. Davidson said during his April nomination hearing to lead U.S. Indo-Pacific Command. And what they cannot develop on their own, they steal — often through cyberspace, he said.

“One of the main concerns that we have,” he told the Senate Armed Services Committee, “is cyber and penetration of the dot-com networks, exploiting technology from our defense contractors, in some instances.”

In February, Director of National Intelligence Daniel Coats testified that most of the detected Chinese cyber-operations against U.S. industry focus on defense contractors or tech firms supporting government networks.

In recent years, the United States has been scrambling to develop new weapons or systems that can counter a Chinese naval buildup that has targeted perceived weaknesses in the U.S. fleet. Key to the American advantage in any faceoff with China on the high seas in Asia will be its submarine fleet.

“U.S. naval forces are going to have a really hard time operating in that area, except for submarines, because the Chinese don’t have a lot of anti-submarine warfare capability,” said Bryan Clark, a naval analyst at the Center for Strategic and Budgetary Assessments. “The idea is that we are going to rely heavily on submarines in the early effort of any conflict with the Chinese.”

China has made closing the gap in undersea warfare one of its three top military priorities, and although the United States still leads the field, China is making a concerted effort to diminish U.S. superiority.

“So anything that degrades our comparative advantage in undersea warfare is of extreme significance if we ever had to execute our war plans for dealing with China,” said James Stavridis, dean of the Fletcher School of Law and Diplomacy at Tufts University and a retired admiral who served as supreme allied commander at NATO.

The U.S. military let its anti-ship weaponry languish after the Cold War ended because with the Soviet Union’s collapse, the Navy no longer faced a peer competitor on the seas. But the rapid modernization and buildup of the Chinese navy in recent years, as well as Russia’s resurgent forces at sea, have prompted the Pentagon to renew heavy investment in technologies to sink enemy warships.

The introduction of a supersonic anti-ship missile on U.S. Navy submarines would make it more difficult for Chinese warships to maneuver. It would also augment a suite of other anti-ship weapons that the U.S. military has been developing in recent years.
Ongoing breaches

For years, Chinese government hackers have siphoned information on the U.S. military, underscoring the challenge the Pentagon faces in safeguarding details of its technological advances. Over the years, the Chinese have snatched designs for the F-35 Joint Strike Fighter; the advanced Patriot PAC-3 missile system; the Army system for shooting down ballistic missiles known as Terminal High Altitude Area Defense; and the Navy’s new Littoral Combat Ship, a small surface vessel designed for near-shore operations, according to previous reports prepared for the Pentagon.

In some cases, suspected Chinese breaches appear to have resulted in copycat technologies, such as the drones China has produced that mimic U.S. unmanned aircraft.

[Chinese cyberspies stole a long list of U.S. weapons designs]

Speaks, the Navy spokesman, said: “We treat the broader issue of cyber intrusion against our contractors very seriously. If such an intrusion were to occur, the appropriate parties would be looking at the specific incident, taking measures to protect current information, and mitigating the impacts that might result from any information that might have been compromised.”

The Pentagon’s Damage Assessment Management Office has conducted an assessment of the damage, according to the U.S. officials. The Office of the Secretary of Defense declined to comment.

Theft of an electronic warfare library, Stavridis said, could give the Chinese “a reasonable idea of what level of knowledge we have about their specific [radar] platforms, electronically and potentially acoustically, and that deeply reduces our level of comfort if we were in a close undersea combat situation with China.”

Signals and sensor data is also valuable in that it presents China with the opportunity to “know when we would know at what distance we would be able to detect their submarines” — again a key factor in undersea battles.

Investigators say the hack was carried out by the Chinese Ministry of State Security, a civilian spy agency responsible for counterintelligence, foreign intelligence and domestic political security. The hackers operated out of an MSS division in the province of Guangdong, which houses a major foreign hacking department.

Although the Chinese People’s Liberation Army is far better-known than the MSS when it comes to hacking, the latter’s personnel are more skilled and much better at hiding their tracks, said Peter Mattis, a former analyst in the CIA counterintelligence center. The MSS, he said, hack for all forms of intelligence: foreign, military and commercial.

In September 2015, in a bid to avert economic sanctions, Chinese President Xi Jinping pledged to President Barack Obama that China would refrain from conducting commercial cyberespionage against the United States. Following the pact, China appeared to have curtailed much, although not all, of its hacking activity against U.S. firms, including by the People’s Liberation Army.

Both China and the United States consider spying on military technology to fall outside the pact. “The distinction we’ve always made is there’s a difference between conducting espionage in order to protect national security and conduct military operations, and the theft of intellectual property for the benefit of companies inside your country,” said Michael Daniel, the White House cybersecurity coordinator under Obama.

 

Posted in China, China aggression, Citizens Duty, Cyber War, Department of Defense, DOJ, DC and inside the Beltway, Failed foreign policy, FBI, government fraud spending collusion, Industry Jobs Oil Economics, Legislation, Military, NSA Spying, The Denise Simon Experience, Treasury, Trump Administration, Whistleblower.

Denise Simon

One Comment

  1. Definitely not an act of war. This is more an act of stupidity. I relegate this more to industrial espionage. This is nothing new. I am shocked that people would call this an act of war. If you put your secrets out on a clothesline for the world to see, don’t be surprised when things come up missing. In the intelligence community, you are taught to guard your secrets at all times. If you put valuable information on line, if that information is captured or compromised, that is your problem. I do not blame the Chinese in the least. In some respects, I applaud them. Problem is that this has been going on for years. You hear about computer security all the time, but why are computers on line, or valuable information on servers which are subject to being hacked? No. The imbeciles who allowed this to happen are the ones who are responsible, not the Chinese. You think that if I have a competitor out there and can grab his information that I am not going to do it? Dream on. It is all bullshit about computer security. It is so easy to hack into virtually any system. Even if a computer is not on line and it is on bluetooth, you can grab signals and have a field day. Just give me a microphone near a computer that is not even on line and I can find out everything that I want to know using low bandwidth acoustic cryptanalysis. You want your information secure? Better put your computer and storage information in a faraday cage.

    Right, blame the Chinese for your own stupidity. Like you didn’t know that it could happen. You are going to trust a contractor to keep your data secure? Just like some of the advanced research labs around the country which hire Chinese with advanced degrees. I know of a Naval weapons lab which has over a hundred chinese women working there, all with advanced degrees in either math or physics. Most of them do not speak english, yet, somehow, they are US government employees. I know for an absolute fact that everything they do goes straight back to Beijing. The Chinese do not look at it as a patriotic thing by taking information and selling it. They really do not give a shit. If it means that they get extra money, hooray for them. If Beijing doesn’t get it from one person, another will come along and get them what it is that they want – until we stop giving it to them.

    I have a Chinese friend who is a US citizen. In my mind, I am almost certain that this person has something to do with 3PLA, maybe even unit 61398. I have never known this person to do anything illegal, but I do know that this person collects information and items which undoubtedly find ways back to Beijing. But if this person is not routing back espionage items and what they buy is perfectly legal, who cares? If they send a boiler pipe back to Beijing and they do the metallurgy on it to make a better pipe, what can you do to stop them? In my industry, I buy items from my competitors all the time, either to find out what is in their products or if they have something in there I can improve my products with. If there product is not patented, there is not much that can be done about it. I know that somethings that I have sold competitors did the same thing to me.

    If you allow hookers to parade around on the street with skirts up to their ass, men are going to want to have sex with them. If you make it mandatory that they wear dresses which are down to the tops of their shoes, hardly any man is going to want to have sex with them. If you stop the cloud bullshit. If you keep your information off line. If you do not keep your computers running 24/7, it will become more and more difficult for anyone to acquire your information. Like storing your information on somebody’s cloud is secure? BS, somebody is looking at it, that is why it is there. Why would you pay someone to ‘store’ your information when you could just buy a device and store it yourself? Redundancy is important when dealing with electronic storage, but I would not put my information out for the world to see. If you can’t afford a backup hard drive storage system for yourself, you should at least install a program which monitors the ‘health’ of your hard drive so you might have an idea of when it is going to fail. Not the best, but better than nothing.

    Funny thing, the Chinese and the Russians are much more careful with their computer data than we are. I an not writing this to be unpatriotic, it is just the lay of the land. It is so easy to hack into computers and electronic information. Cyber security is a joke. All the shit that they sell you is a joke. They sell you all kinds of crap and tell you that your information is secure. What a bunch of crap. Like the other day, there was a hack into a DNA data base with over 100m DNA files on people. You would think that a company who had DNA samples would have the best type of security protocols. In the news, it was kind of ho-hum, just another random hack.

Comments are closed.