Subscription Center
Apr 21, 2009 05:37 PM | 13
An unknown cyber criminal (or group of them) has broken into computer systems housing information about the U.S. Defense Department's $300 billion Joint Strike Fighter project, the Wall Street Journal reports today, citing a number of "current and former government officials familiar with the attacks."
It's unclear how much damage the attacks have caused to the jet-fighter project, given that the cyber intruders were able to download "sizable amounts of data" related to the aircraft's (also called the F-35 Lightning II) in-flight maintenance diagnostics but weren't able to access the most sensitive information, related to flight controls and sensors (which is stored on computers not hooked up to the Internet), according to the Journal. The Air Force is currently testing prototypes of the aircraft, said to be the most expensive ever commissioned by the Pentagon.
The attackers allegedly access the Joint Strike Fighter information by exploiting vulnerabilities in the networks of two or three contractors helping to build the high-tech fighter jet, the Journal reports, citing "people who have been briefed on the matter." Although none of the contractors have commented publicly on the computer compromise, Lockheed Martin is the lead contractor on the program, while Northrop Grumman Corp. and BAE Systems PLC are also playing important roles in its development. "Computer systems involved with the program appear to have been infiltrated at least as far back as 2007," according to the Journal, which cites unnamed sources who state that the intruders appear to have been interested in data about the design of the plane, its performance statistics and its electronic systems. The guilty party loaded software onto the Pentagon's computers that encrypts the data as it's being stolen, which means investigators don't know exactly what data has been taken.
This latest alleged cyber intrusion comes less than two weeks after the Journal reported that spies from China, Russia and other countries have hacked into the U.S. electricity grid and installed software that could cause mass outages, a story that has been criticized by some computer experts as hype perpetuated by government officials looking for more funding.
It's unlikely that U.S. investigators will be able to ascertain the identities of those behind the attack, unless they can get the cooperation of China and any other countries that might be involved, says Dorothy Denning, a professor of defense analysis at the Naval Postgraduate School in Monterey, Calif. Of course, it's also possible that computers in China were hacked into in order to make it look like China is to blame, she adds.
State-sponsored spies aren't the only ones who've successfully hacked into U.S. government computers though. Scottish computer hacker Gary McKinnon, 42, has for years been fighting extradition to the U.S. for in 2001 and 2002 allegedly breaking into networks owned by NASA, the US Army, Navy, Department of Defense, and the Air Force, causing about $800,000 in damage and ruining 300 computers. McKinnon, who suffers from Asperger's Syndrome and could face life in prison in the U.S. if convicted, says that he hacked into U.S. government systems that had no password or firewall protection to search for information on "UFOs, free energy and anti-gravity technology," Sky News reports.
There's no silver bullet for protecting sensitive information, Denning says. Encrypting data might help, she adds, but an "adversary may be able to fool the system into decrypting the data or plant malicious code on the system that captures keys."
Government computer security is a big problem, but some agencies do better than others, according to Denning, who points to the annual FISMA report (mandated by the Federal Information Security Management Act of 2002). The 2007 report gave five federal agencies (the Social Security Administration, Justice Department, Environmental Protection Agency, Agency for International Development, and National Science Foundation) an "A+" for their security efforts, but the average score was a "C" (and the Defense Department received a "D-").
Image of an F-35 Lightning II Joint Strike Fighter taking off from a Lockheed Martin facility in Fort Worth, Texas, © U.S. Air Force
Tags:
Air Force,
Joint Strike Fighter,
hacker
More News Blog:
Next: Robot "Lunacy" competition wraps up in Atlanta
Previous: Wireless Bluetooth moves into the fast lane with latest version
See what we're tweeting about
gmusser N.J. is the 7th best state for cyclists. Which gives you a sense of how awful most of the country must be. http://t.co/dbWAAi7atN
gstix1 Tech Giant Sees a Competitive Advantage in Hiring Autistic Workers: http://t.co/fwWMzxRpMy gmusser "Some curves are so convoluted they wriggle free of the one-dimensional world and fill up space." Awesome math story. http://t.co/1HymznWXG1
Deadline: Jun 29 2013
Reward: $7,000 USD
The Seeker for this Challenge desires proposals for chemical methods that could rapidly degrade a dilute aqueous solution
Deadline: Jul 25 2013
Reward: Varies
This challenge provides an opportunity for Solvers to build a web-based or mobile “app” to explore data relationships in scholarly conte
Powered By: 
YES! Send me a free issue of Scientific American with no obligation to continue the subscription. If I like it, I will be billed for the one-year subscription.
13 Comments
Add Comment"UNKNOWN?!?!" C'mon now, everybody knows the Chinese Government is behind most of the Cyber attacks!!!
Reply | Report Abuse | Link to thisguilty until proven otherwise??? You are infact, very "Chinese..."
Reply | Report Abuse | Link to thisTo blame China for all computer break-ins ignores the fact that there are at least Nations, including Russia, N. Korea, Afghanistan (say, Al Queda and the Taliban), Iran, Israel who has it's share of hackers and lump in Venezuela, Cuba, Somalia, the Balkans, Romania(sorry guys), maybe Ireland [IRA] or some snot in England and of course China! If you just average it out among them all, you'd realize that they all have very, very sharp kids in school and college and university and clandestine training and , OOPS, don't forget Syria and souther Saudi Arabia and Yemen and ...I think the picture is a bit more cloudy than any of us except CIA and NIA, FBI, CSI, NCSI, sheesh! they can all help point the finger, can't they. Damn it all, everybody's looking for a piece of us, because! we've got all the good stuff..! and-they-want it!!, etc ad nauseum, Add to this the knowledge that China has hacked the power grid in this country and we've got a recipe for Real Disaster..Hope that Obama suceeds in reducing the BUSH Hegemony into Iraq and all that grew with it! Democrat PJB
Reply | Report Abuse | Link to thisWasting $300 Billion on another airplane is the real crime here.
Reply | Report Abuse | Link to this"(which is stored on computers not hooked up to the Internet)" It's good to know they actually employ this very easy security for sensitive information. It's always bewildered me why they don't, and why they say hackers cause so much damage. How does a hacker cause damage?
Reply | Report Abuse | Link to thisThis is another great example of not learning from your mistakes. They admit that hackers have broken into thier computers since 2007. Why the hell are these computers still connected to the internet? Sensitive information needs to be shared between individual contractors, but NOT over the internet. Break the connections!!!
Reply | Report Abuse | Link to thisHappy is exactly correct. This boondoggle has nothing to do with the types of wars the US can expect to fight in the future and everything to do with socialism for the defense industry.
Reply | Report Abuse | Link to thisFrankly, I think it would be a good thing if more of our government's computer systems were hacked into but the info retrieved should be made public. Governmental secrecy passed all bounds of reason many years ago and we the people shouldn't put up with it any more. Government secrets should be restricted by law to details about pending and ongoing military operations. Weapons system secrecy only leads to international arms races and escalating hostility between nations.
Reply | Report Abuse | Link to thisThink about whos the closest behind us in superior aircraft? Russia; they have some of the best hackers on the job and they cant get enough of this. This is very disappointing.... info like this should not be able to be taken as easily and sercretivly and to not even identify the person or persons resposible..
Reply | Report Abuse | Link to thisImagine this: You know that you have information that is valuable and prime hackers are surely going to try to get it. Would it not make sense to create a challenging but false target for the hackers, let them break in--but make it hard so they come away convinced that they have accomplished something--and then publicize the break-in to make the hackers think they got prize information, when in fact you fed them persuasive garbage. A convoluted description, but do you get my drift?
Reply | Report Abuse | Link to thisGreat 7,000 year old trick from Homers' epic poems. The old misinformation ploy fools them every time.
Reply | Report Abuse | Link to this$300 billion dollars for an airplane is still the more impressive scheme.
If this article on hackers interests you and you are currently researching new ideas to respond to the mounting challenges in cyber security you should take a look at the Global Security Challenge website: www.globalsecuritychallenge.com.
Reply | Report Abuse | Link to thisWe have launched a new award (�9,000 GBP cash grant, mentorship from a top VC and invaluable publicity) for researchers and small companies developing new technologies in cyber security. The judging for this award will focus mainly on the disruptive potential of the technology and less on the idea's maturity. Entry is free and the closing date is 15 May 2009.
If this article about hackers interests you and you are currently researching new ideas to respond to the mounting challenges in cyber security you should take a look at the Global Security Challenge website: www.globalsecuritychallenge.com.
Reply | Report Abuse | Link to thisWe have launched a new award (£9,000 GBP cash grant, mentorship from a top VC and invaluable publicity) for researchers and small companies developing new technologies in cyber security. The judging for this award will focus mainly on the disruptive potential of the technology and less on the idea's maturity. Entry is free and the closing date is 15 May 2009.