Attackers breach $300 billion Joint Strike Fighter project

Computer spies have repeatedly breached the Pentagon's $300 billion Joint Strike Fighter project and the U.S. Air Force's air traffic control system.

According to The Wall Street Journal, computer spies have repeatedly breached the Pentagon's $300 billion Joint Strike Fighter project and the U.S. Air Force's air traffic control system. For more on these attacks, check out the following articles:

About

Bill Detwiler is Managing Editor of TechRepublic and Tech Pro Research and the host of Cracking Open, CNET and TechRepublic's popular online show. Prior to joining TechRepublic in 2000, Bill was an IT manager, database administrator, and desktop supp...

28 comments
Ed H.

if it was China that got access to the plans. They could manufacture them more cheaply and then you could see them go on sale at Walmart or in bulk at Sam's Club.

NotSoChiGuy

1). Report that black hats got onto power grid systems
2). Vandals/domestic baddies cut into fiber
3). Report that Air Force systems and contractor files had been compromised

Any over/under bets as to when the first piece of legislation proposing that the government is given control to monitor, er, "safeguard", the Internet is brought up to debate??

chcallahan

you just can't trust the Chinese

editqueen

What are they thinking....putting that type of information on a publicly (whether VPN or not) accessible website? Really? And this was a multi billion dollar project? That's pretty scary. With this type of secrecy, why not send a (strapped) human being to carry this information to the allies we're working with!

Brian G

Do you know what a 'honey pot' is?

The 'G-Man.'

From: http://www.vnunet.com/vnunet/news/2240752/uk-defense-project-hacked

The hackers copied data relating to the aircraft system design by exploiting network vulnerabilities in computer infrastructure belonging to contractors helping to build the new planes. The hackers encrypted the data they stole to stop officials knowing the extent of the breach. However, according to reports the most sensitive design information, such as flight controls and sensors, was not touched because it resides on computers not connected to the internet.

Question: Why was the data relating to the aircraft system design on computers connected to the Internet? Sounds fishy.

JamesRL

We may all have suspicions but no proof. The Cuckoo's Egg breach was through contractors in the US, but the originators were in Germany. It took a long time to find it since they went through many intermediaries. The origin for the breach discussed here may be in China, but that doesn't prove that it was the Chinese government or a Chinese citizen. I'm not suggesting that it isn't, but what you think and what you can prove are two different things. James

JamesRL

We have no idea what they accessed. It could be that they only got access to information that is already public or not important. James

cardhun

I work in DoD engineering programs. Our classified data are all on entirely separate classified Wide Area Networks that have no connection at all to the internet. Unclassified data - including proprietary data and For Official Use Only - are on unclassified Wide Area Networks that are connected to the internet, albeit with firewall, anti-spam filters, and antivirus protection. For engineering design, information that is readily available in the public domain or is very similar to existing systems cannot be classified. Stop and think about it and it becomes very obvious that trying to classify information that is very similar to data that are already common knowledge is a very silly idea. On the other hand, the capabilities of a new fighter aircraft - its maximum altitude, its top speed, its turning radius, how many targets it can engage, and especially its stealth characteristics -- are absolutely classified. So are the design details for achieving these new capabilities unlike anything done before. It is therefore unlikely that any genuinely classified data were compromised. However, it is because of risks such as this, as well as the risks of accidental data spills (unintended compromise of classified data on unclassified networks) that many of us who work in the field think that any work on classified programs should be done entirely on classified networks.

beowulf_cam

For what possible reason would the USAF Air Traffic control system be connected to the internet??? It makes you wonder what kind of idiots are in charge of the military.

robo_dev

And also the problem is that most of these fighter-jet programs are considered to be 'Gray World' programs....meaning they are a mix of secret (black) and public (white) data. Black-world projects are easy to secure, you just lock up everything. Gray world is trickier, because your data classification has to be precise and very correct. Security must be very tight in some areas and looser in others. If you secure everything air-tight in a gray-world program, it drives cost through the roof, and slows everything down. So there has to be the right balance between the two extremes. The big risk is when contractors have secret data, but do not secure it with the level of controls that are really required. Or when they accidentally mix secret data with non-secret data. There's a reason that every aircraft Russia makes are virtual clones of US Aircraft...even their space shuttle.

Senrats

Keeping the systems off the internet does not stop the hacking, but it does make the "hackers" physically go to the location (they can't hack you from China). You still have problems with contractors. Corporate espionage is a huge problem and in some countries it is just a part of doing business. A great book to read on the subject is Ira Winkler's "Spies Among Us: How to Stop the Spies, Terrorists, Hackers, and Criminals You Don't Even Know You Encounter Every Day". You can find it at Amazon.

JamesRL

in the nuclear industry, I can tell you that not everything has the same classification rating. There are some aspects of a project that are almost public domain, others that are top secret, and some in between. I was once in the position of recommending some items to secure top secret information, but because I was only cleared to secret, I couldn't know what they actually implemented. If it was a contractor that was hacked, it's most certainly highly compartmentalized information. The contractor would have only the information they need to complete their tasks. I'm not suggesting it's not serious. The whole "Cuckoo's Egg" story started by someone hacking a contractor and from there compromising more secretive sites. But don't assume that the whole aircraft is compromised because one contractor's site was cracked. James

TeknoMagician

... that at least some of the stolen 'information' is misdirection and that report of its theft is meant to build its credibility?

Vulpinemac

The AFATC system needs to communicate with civilian ATC systems to help avoid in-flight conflicts between military and civilian aircraft. This helps both to reduce the risk of in-flight collisions and the potential of UFO sightings where the UFO may be a classified military aircraft. The drawback, of course, is that even unclassified information can give away a lot of secrets when collated over time; our enemies know this and so do we. We can make getting access to unclassified data more difficult, but there's nothing preventing a determined data-miner from finding it.

VYX777

That is exactly what I am constantly asking. Why nobody ever deals with the obvious.

igtddave

Bottom line is this:
1. Potentially sensitive information is required to be secured. As a Govt. contractor myself, we are required to store any classified information on a self-contained, closed, certified network; not one connected to a commercial ISP!
2. If the correct security measures are in place, and the right people are in charge of IT, the information wouldn't get "hacked".

mike_patburgess

You are exactly right.. I am in the same business. There are two and sometimes three classified networks. The most secret has no connections to the outside world they are internal only. There is no access from home, wireless communications, cameras, etc are not allowed in the building. They are complete and distinct networks and systems which are locked down and will not accept even the smallest external device (USB keys). Of course if they all continued to use a proprietary OS like they used to, this might not ever happen.

Vulpinemac

... would likely be one that's not connected to the outside at all, or connected to any machine that has access to the outside. Literally, a closed network would be one untouchable from outside the building/campus. While I'll grant that contractors and military units have a need for global communications, in most cases non-classified communications can ride the same internet we do, but anything classified has a completely separate communications system that's much more difficult to penetrate. The 'Cuckoo's Egg' story dates back to when the internet was a relative unknown; operating between schools and military services almost exclusively. It also pointed out even then that the military needed an exclusive network system separate from the internet. What they're using now, I don't know. But logic dictates that it's likely to be very different; just as the internet was different from teletype.

The 'G-Man.'

perhaps the hackers are creating some kind of CIP device with an end game to smuggle chemical weapons into the country. Well at least that's what the TV told me.

Popoyd

There are no hacker proof setups. None. Many are certain they have one UNTIL they get hacked. So goes the story of IT so far. Nowadays it is more expensive and high-tech to hack high security networks, but some organizations (and governments) do have the infrastructure and even 'borrow' computing power from the www to process their attacks.

robo_dev

More Troubling News:

"Similar incidents have also breached the Air Force's air-traffic-control system in recent months"

"In the case of the fighter-jet program, the intruders were able to copy and siphon off several terabytes of data related to design and electronics systems, officials say, potentially making it easier to defend against the craft"

Original Article here: http://online.wsj.com/article/SB124027491029837401.html

Think about that....a breach of the Air Force Air Traffic Control system (!!!!!) Why that is not front page news???? Think of the havoc during war time of owning the air traffic control system of your enemy....wow.

Senrats

You can't stop the hackers/security threats, you can only slow them down. What do you mean by "closed, certified network"? Aren't all ISPs "commercial"? Are you pointing out the difference in ISP hardware (ex. there is a hardware router on the certified network)?

JamesRL

That ANY classified information was stolen. That's the point. They could have stolen a bunch of useless information about the project, stuff that's already in the public domain. And never presume that any security measures are sufficient enough and that if only they had the right things in place that everything will be ok. Even private networks can and are compromised. The desire for secrets can drive people to incredible creativity. I'm aware of a breach on a closed system where they simply had hired the wrong person who had inside access and who printed out files and photocopied them. James