Cyber espionage: Military secrets served on a silver platter
Financial news service Bloomberg reports that Chinese hackers have been spying on US government contractors who are involved in the manufacture of military equipment such as spy satellites, bomb disposal robots and combat helicopters. Bloomberg says that an analysis carried out at QinetiQ provides an idea of the scope and continuity of the cyber espionage that has been targeted at the US.
According to Bloomberg, two former Pentagon officials said that almost all major US defence contractors have fallen victim to Chinese hacker attacks. Apparently, the attackers gained access to the US government's most closely guarded technological secrets, which could allow conclusions to be drawn about military campaigns, as well as attack and defence strategies.
In 2007 and 2008 alone, the Pentagon reportedly briefed 30 US government contractors about these aggressive spying efforts. Bloomberg said that it was unknown whether QinetiQ had also received such a briefing.
Source: Bloomberg At least since 2007, QinetiQ has repeatedly had its systems checked due to suspected spying activities. Terremark, the company that carried out the analysis, found that every last corner of QinetiQ's business divisions had been spied on for at least three years. "There was virtually no place we looked where we didn’t find them", Terremark's report was quoted as saying. The hacks are believed to have provided access to confidential information about combat helicopters.
Similarly substantial US defence contractor hacks have become public before. For example, attackers stole data that concerned Lockheed Martin's F-35 fighter jet. According to Bloomberg, one of the former Pentagon officials said that various hacks that targeted subcontractors cast doubts on whether the new Lockheed Martin F-22 Raptor fighter jet should be deployed in combat at all as too many of its features may already have become known.
Most of the cyber espionage campaigns against US defence contractors are thought to have been carried out by the "Comment Group". Earlier this year, security firm Mandiant produced a detailed report on this hacker group that also goes by the names APT1 and Shanghai Group. The report was the first to provide comprehensive evidence that the hacker group is closely related to the Chinese military or may even, as "Unit 61398", be part of it.