A senior military advisory panel claims the Pentagon is “unprepared to counter a full-scale cyber-conflict” and that more than two dozen major military weapons systems may have already been compromised by Chinese hackers.
The systems, which relate to U.S. missile defenses, combat aircraft and military ships, were made public this week by the Washington Post after obtaining a confidential version of a Defense Science Board report that was partially released to the public earlier this year.
The Defense Science Board, which is made up of government and civilian military experts, did not accuse the Chinese of the attacks in their report, but the Post article cites senior military and industry officials who say the weapons breaches are part of a rapidly expanding campaign of cyber-espionage by the Chinese government.
Among the compromised weapons are components of the Pentagon’s regional missile defense systems for Asia, Europe, and the Persian Gulf, including designs for the Patriot (PAC-3) missile; the Terminal High Altitude Area Defense (THAAD) system for shooting down ballistic missiles; and the Navy’s Aegis ballistic-missile defense system.
The hackers also gained access to designs for aircraft like “the F/A-18 fighter jet, the V-22 Osprey, the Black Hawk helicopter and the Navy’s new Littoral Combat Ship.” The list also includes the F-35 Joint Strike Fighter, which at $1.4 trillion in development cost, is the most expensive weapons system ever built.
The list of compromised weapons from the Defense Science Board serves to highlight the rapid growth of Chinese cyber espionage, which experts say the world’s most populous nation has been able to pursue with relative impunity.
“You’ve seen significant improvements in Chinese military capabilities through their willingness to spend, their acquisitions of advanced Russian weapons, and from their cyber-espionage campaign,” said James A. Lewis, a cyber-policy expert at the Center for Strategic and International Studies, to the Washington Post.
This kind of activity has led to a ratcheting up of cybersecurity measures from the Obama administration. Earlier this year the president signed an executive order to enhance federal security online after making it a major issue in his State of the Union address.
The administration is working frantically to form a coherent defense against cyberattacks. As the Defense Science Board states in its public report, though the Department of Defense has undertaken numerous actions to defend against cyberattacks, those actions remain fragmented and inconsistent. Many of the breaches are believed to have resulted from insecure private contracter networks and networks that rely too heavily on foreign-built components.
“The United States cannot be confident that our critical Information Technology systems will work under attack from a sophisticated and well resourced opponent utilizing cyber capabilities in combination with all of their military and intelligence capabilities,” the Defense Science Board report states.
“The cyber threat is serious, with potential consequences similar in some ways to the nuclear threat of the Cold War,” the report adds.
That’s a point being underscored by an increasing number of military experts, who say the U.S. and its allies need to rethink how they classify attacks. Professor Mike Schmitt, chair of the International Law Department at the U.S. Naval War College, recently told the Daily Dot that the rules of war still favor physical attacks, even though virtual ones can be far more devastating to the nation and its economy.
“If I had to pick between destroying five houses and seriously affecting the economy, I think I’d give up the houses,” Schmitt said. “’Cyber’ takes us out of the traditional way of thinking about war.”
Photo by Rune Spaans/Flickr