By Richard Sale
U.S. builders of America’s most advanced combat aircraft, the F-35 Joint Strike Fighter, are still frantically rushing to put in place cutting edge technology that would secure the aircraft’s avionics from Chinese hacker attacks, U.S. intelligence sources told ISSSource.
Three years ago, Chinese hackers, part of a military cyber group, also stole plans for the F-22 combat aircraft, the sources said. Both planes are advanced stealth aircraft and are the most advanced and the most expensive in the world.
“I don’t think they saw the attack coming,” said a former senior U.S. intelligence source, adding, “These guys (the U.S. builders of the plane) lack imagination. They don’t act until something bad happens.”
The former senior U.S. intelligence official said the major U.S. contractors of the plane never thought of designing countermeasures that would act to repel China’s extensive hacking programs, and he said they never installed the security equipment. China, who has issued vehement non-denials about the event, long ago created groups of military cyber hackers to pillage intellectual property and military technology. Those units often employed logic bombs and other devices whose purpose is the unauthorized seizure of classified U.S. military or commercial technology.
For years now, Chinese military hackers have been compromising the networks of U.S. defense contractors and the Pentagon, and apparently the F-35 was an easy target.
The initial breach occurred when Chinese hackers penetrated the vulnerable computers of British Aerospace (BAE) and the intrusion occurred with such skill the Chinese ended up monitoring online meetings and technical discussions of the plane, according to news reports. These sources said the attack on BAE lasted 18 months before anyone discovered it. After officials discovered the breach, they haled the program, and it restarted with work on the new expensive security system still ongoing, according to the former U.S. intelligence officials.
BAE, along with Lockheed, Gulfstream Aerospace, a division of General Dynamics, just suffered an attack by the hacker group Anonymous, but the data stolen was of minor importance, U.S. sources said.
In the case of the first F-35 breach, the hack attack did not originally aim for the aircraft, but at another classified program, which sources declined to name. The Chinese hackers targeted the plane’s secure communications and antenna systems, and the intrusion was so widespread it compromised a vast network of U.S. and overseas military subcontractors who were key to the plane’s development. The breach has led to expensive software “rewrites” and other redesigns to safeguard the compromised parts of the plane, said a former U.S. intelligence source. Officials also said trying to fashion remedies to counter the Chinese has led to “Huge overruns on program costs,” resulting in reduced annual purchases and production stretch-outs,” in the words of one U.S. official.
The attack took place three year ago, and the story broke in 2009 by Aviation Week and The Wall Street Journal. Yet the matter festered until last March, when the House Homeland Security Subcommittee on Oversight, Investigations and Management, finally held hearings.
According to news reports, Rep. Michael McCaul (R-Texas) issued a clear warning: “I’ve been dealing with this issue for a long time,” he said. “But I think it’s important that the American people, who most of them don’t understand this issue, have a better idea of what–what is at risk. You know when I look at the theft of intellectual property to the tune of $1 trillion, that’s a serious economic issue for the United States.”
According to Aviation Week and confirmed to ISSSource by U.S. intelligence officials, before the intrusions were discovered nearly three years ago, Chinese hackers “actually sat in on what were supposed to have been secure, online program-progress conferences.”
Only recently have U.S. defense officials begun to discuss the profound damage done to top secret programs by huge data losses, and it is now common knowledge that hacker intrusions have had a huge negative impact on Defense Department program and U.S. national security.
The Chinese attacks on BAE’s computers were similar to the Shady Rat breach which was a five-year-old Chinese hacking venture that looted “trillions of dollars worth of intellectual and corporate data from U.S. companies,” said former U.S. intelligence officials.
Richard Sale was United Press International’s Intelligence Correspondent for 10 years and the Middle East Times, a publication of UPI. He is the author of Clinton’s Secret Wars and Traitors.