US Military In The Dark On Cyberattacks Against Contractors

  /     /     /  
Publicated : 22/11/2024   Category : security


US Military In The Dark On Cyberattacks Against Contractors


A lack of communication between military contractors and government agencies about Chinese cyber espionage attacks is revealed in a new Senate report.



Communication is the key to any good relationship. Yet a new report from the US Senate Armed Services Committee shows that a lack of communication has left the US Transportation Command (Transcom) in the dark about threats to cyber security.
The
Armed Services Committee report
, released Wednesday, contends that hackers tied to the Chinese government successfully penetrated systems belonging to Transcom contractors at least 20 times during a 12-month period beginning June 1, 2012. The report is the culmination of a year-long investigation by the committee, which found that gaps in reporting requirements and a lack of information sharing between government agencies left Transcom largely unaware of the compromises.
Transcom is responsible for the movement of US troops and equipment around the globe. According to the committee, Transcom was aware of only a handful of the attacks, even though contracts mandate that contractors report certain types of incidents to the command. Though more than 80 companies are subject to the clause, the command had received only two reports of cyber intrusions until August 2013.
In addition, the report states that the FBI, the Department of Defense, the Air Force Office of Special Investigations, and the Defense Cyber Crime Center were aware of cyberattacks between June 2012 and June 2013 and failed to share the information with Transcom.
The committees findings are detailed in a report entitled Inquiry into Cyber Intrusions Affecting U.S. Transportation Command Contractors. The committee approved the report in the spring and released an unclassified version today.
During the period covered by the report, there were about 50 intrusions or cyber events into the computer networks of Transcom contractors.
These peacetime intrusions into the networks of key defense contractors are more evidence of China’s aggressive actions in cyberspace, Sen. Carl Levin (D-MI), the committees chairman, said in a committee
press release
. Our findings are a warning that we must do much more to protect strategically significant systems from attack and to share information about intrusions when they do occur.
This year, TrapX Security identified malware called
Zombie Zero
, which was delivered into enterprise shipping and logistics environments from a Chinese manufacturer responsible for selling proprietary hardware for terminal scanners used to inventory items being shipped. The malware was delivered through the Windows embedded XP operating system installed on the hardware at the manufacturers location in China and could be downloaded from the Chinese manufacturers support website.
[Zombie Zero is still actively pushing rigged handheld scanning devices, reviving concerns about doing business with Chinese tech companies. Read
Chinese Hackers Target Logistics & Shipping Firms With Poisoned Inventory Scanners
.]
It is just as important in todays world to protect our countrys critical information systems and infrastructure as it is to protect sea lanes and foreign economic interests, said Carl Wright, general manager of TrapX and former CISO of the US Marine Corps.
Though Transcom attributed all 20 intrusions in the report to China, FireEye researchers Jen Weedon and Kristen Dennesen wrote in
a blog post
that the Chinese government is not the only player in the game. Suspected Russian attackers have been targeting a defense technology company, and an Iranian group targeted US defense contractors in Operation Saffron Rose.
Multiple threat groups appear to have a firm understanding of the Aerospace and Defense supply chains, including the relationships between organizations and specific projects in the industry, Weedon and Dennesen wrote. In multiple instances, cyber espionage groups have targeted information about specific projects across several companies. Similarly, we have observed threat groups target the entire Aerospace and Defense manufacturing production cycle, from research and development through testing and production, all the way to product launch.
We must ensure that cyber intrusions cannot disrupt our mission readiness Sen. Jim Inhofe (R-OK), the committees ranking Republican, said in the release. It is essential that we put into place a central clearinghouse that makes it easy for critical contractors, particular those that are small businesses, to report suspicious cyber activity without adding a burden to their mission support operations.

Last News

▸ 7 arrested, 3 more charged in StubHub cyber fraud ring. ◂
Discovered: 23/12/2024
Category: security

▸ Nigerian scammers now turning into mediocre malware pushers. ◂
Discovered: 23/12/2024
Category: security

▸ Beware EMV may not fully protect against skilled thieves. ◂
Discovered: 23/12/2024
Category: security


Cyber Security Categories
Google Dorks Database
Exploits Vulnerability
Exploit Shellcodes

CVE List
Tools/Apps
News/Aarticles

Phishing Database
Deepfake Detection
Trends/Statistics & Live Infos



Tags:
US Military In The Dark On Cyberattacks Against Contractors