OFFICIALS: China Hacked US Defense Contractors 20 Times In Just One Year
According to the report, investigators found roughly 50 "intrusions or other cyber events" in the network of US contractors working with US Transportation Command. At least 20 of those intrusions were successful, the committee said, and were attributed to "sophisticated threats commonly associated with governments." Of those 20 intrusions, TRANSCOM was reportedly only aware of two.
The investigation specifically found "Chinese military" hackers broke into the systems of a number of key institutions, including at least one ship. Once inside, the hackers gathered passwords, encryptions, and more.
Here are some of the specific incidents described in the report:
- A Chinese military intrusion into a TRANSCOM contractor between 2008 and 2010 that compromised emails, documents, user passwords and computer code.
- A 2010 intrusion by the Chinese military into the network of a CRAF contractor in which documents, flight details, credentials and passwords for encrypted email were stolen.
- A 2012 Chinese military intrusion into multiple systems onboard a commercial ship contracted by TRANSCOM.
Sen. Carl Levin (D-Michigan), the chair of the committee, released a statement calling the report "a warning that we must do much more" to protect the computer systems of defense contractors.
"These peacetime intrusions into the networks of key defense contractors are more evidence of China's aggressive actions in cyberspace," Levin said. "Our findings are a warning that we must do much more to protect strategically significant systems from attack and to share information about intrusions when they do occur."
Sen. Jim Inhofe (R-Oklahoma), the ranking Republican on the committee, further urged the creation of a "central clearinghouse" for contractors to detect and relay cyber attacks to higher military authorities.
"We must ensure that cyber intrusions cannot disrupt our mission readiness," Inhofe said. "It is essential that we put into place a central clearinghouse that makes it easy for critical contractors, particular those that are small businesses, to report suspicious cyber activity without adding a burden to their mission support operations."