IT systems of US military contractors breached, says report

The need for departmental co-operation was one of the prime lessons of the 9/11 attack, and one that governments — and the private sector — should have come away with if they want to increase IT and physical security. Several law enforcement agencies had clues about the aircraft hijackers that could have been followed up.

But a U.S. Senate report issued Wednesday suggests little has changed. The report by the Armed Services Committee said the FBI and several federal law enforcement and intelligence agencies know the IT systems of airlines and shipping companies contracted to U.S. Transportation Command — which handles the moving of armed forces personnel and cargo using military and civilian aircraft and ships — were breached 20 times in a 12-month period. TRANSCOM learned of only two of them.

The committee also said that the attackers were “associated with the Chinese government.”

The report again reinforces how attackers can get valuable information through third-party IT systems. In the case of Target department stores, the attackers went through the contractor and into Target’s systems.

The report said it is essential that potentially affected military divisions like TRANSCOM be aware of such intrusions so they can take steps to mitigate them. Instead it found “serious gaps” in intrusion reporting and information sharing that left TRANSCOM uninformed about the majority of intrusions on contractor networks.

Among the incidents cited were the theft of email, documents, user accounts, passwords and source code, flight details, PIN numbers and passwords for encrypted mail. “Multiple systems” were compromised on a commercial ship contracted by TRANSCOM. A spear-phishing email is suspected to have led to malware being put on the network of a commercial airline.

A censored version of the committee’s full report was released. It doesn’t say if sensitive military information was taken in the breaches.

The agencies — which included the Air Force, Defense Security Service and the Defense Cyber Crime Center — weren’t entirely to blame. TRANSCOM has had a cyber intrusion reporting clause for contractors since 2013, but the committee said it had gaps that could have left it uninformed.

Also, a requirement since 2010 that TRANSCOM be notified of certain security incidents had ambiguous language. Complying would require companies to know the systems on which contract-related DOD information resided, but the contractors didn’t always know exactly what to report.

“These peacetime intrusions into the networks of key defense contractors are more evidence of China’s aggressive actions in cyberspace,” Committee chair Sen. Carl Levin, D-Mich., said in a statement. “Our findings are a warning that we must do much more to protect strategically significant systems from attack and to share information about intrusions when they do occur.”

Howard Solomon
Currently a freelance writer, I'm the former editor of ITWorldCanada.com and Computing Canada. An IT journalist since 1997, I've written for several of ITWC's sister publications including ITBusiness.ca and Computer Dealer News. Before that I was a staff reporter at the Calgary Herald and the Brampton (Ont.) Daily Times. I can be reached at hsolomon [@] soloreporter.com
