WASHINGTON – Chinese government-backed hackers accessed networks of private-sector firms with sensitive data about U.S. military logistics nearly two dozen times in one year, says a Senate committee.

In a report summarizing a lengthy investigation, the Senate Armed Services Committee determined senior brass at U.S. Transportation Command, the military's logistical hub, typically were unaware of the network violations.

Collectively, the 20 contractor network penetrations "show vulnerabilities in the military's system to deploy troops and equipment in a crisis," states a SASC summary of the investigation.

"These were not just commercial intrusions," committee Chairman Sen. Carl Levin, D-Mich., told reporters Wednesday. "The point here is these [intrusions] have got security implications."

Levin and SASC Ranking Member Sen. James Inhofe, R-Okla., warned their 12-month investigation reveals even more than previously known about Beijing's involvement in hacking from its own soil.

"These peacetime intrusions into the networks of key defense contractors are more evidence of China's aggressive actions in cyberspace," Levin said. "Our findings are a warning that we must do more to protect strategically significant systems from attack and to share information about intrusions when they do occur."

Inhofe said it is "essential that we put in place a central clearing house that makes it easy for critical contractors, particularly those that are small businesses, to report suspicious cyber activity without adding a burden to their mission-support operations."

The committee's 2015 Pentagon policy bill contains a provision that would establish an office within DoD to collect network-penetration information and ensure it gets to every level it needs to, Levin said.

The chairman said he "has confidence" the Chinese government "is continuing to do what it has been doing."

"We must take steps to defend against that, and where we get info, we have to ensure it gets to the right people," Levin said, warning that top TRANSCOM officials in almost all of the contractor breach incidents were "in the dark."

Among the panel's findings:

■ "A Chinese military intrusion into a TransCom contractor between 2008 and 2010 that compromised emails, documents, user passwords and computer code."

■ "A 2010 intrusion by the Chinese military into the network of a [civilian] contractor in which documents, flight details, credentials and passwords for encrypted email were stolen."

■ "A 2012 Chinese military intrusion into multiple systems onboard a commercial ship contracted by TransCom."

Share:
In Other News
Load More