China Cyberspies Outwit U.S. Stealing Military Secrets
Among defense contractors, QinetiQ North America (QQ/) is known for spy-world connections and an eye-popping product line. Its contributions to national security include secret satellites, drones, and software used by U.S. special forces in Afghanistan and the Middle East. Former CIA Director George Tenet was a director of the company from 2006 to 2008 and former Pentagon spy chief Stephen Cambone heads a major division. Its U.K. parent was created as a spinoff of a government weapons laboratory that inspired Q’s lab in Ian Fleming’s James Bond thrillers, a connection QinetiQ (pronounced kin-EH-tic) still touts.
QinetiQ’s espionage expertise didn’t keep Chinese cyberspies from outwitting the company. In a three-year operation, hackers linked to China’s military infiltrated QinetiQ’s computers and compromised most if not all of the company’s research. At one point, they logged into the company’s network by taking advantage of a security flaw identified months earlier and never fixed.
“We found traces of the intruders in many of their divisions and across most of their product lines,” said Christopher Day, until February a senior vice president for Verizon Communications Inc. (VZ)’s Terremark security division, which was hired twice by QinetiQ to investigate the break-ins. “There was virtually no place we looked where we didn’t find them.”
Cyber Pillage
QinetiQ was only one target in a broader cyber pillage. Beginning at least as early as 2007, Chinese computer spies raided the databanks of almost every major U.S. defense contractor and made off with some of the country’s most closely guarded technological secrets, according to two former Pentagon officials who asked not to be named because damage assessments of the incidents remain classified.
As the White House moves to confront China over its theft of U.S. technology through hacking, policy makers are faced with the question of how much damage has already been done. During their multiyear assault on defense contractors, the spies stole several terabytes -- equal to hundreds of millions of pages -- of documents and data on weapons programs, dwarfing in sheer quantity any theft of Cold War secrets. The QinetiQ hack may have compromised information vital to national security, such as the deployment and capabilities of the combat helicopter fleet.
“The line forms to the left when it comes to defense contractors that have been hacked,” said James Lewis, a senior fellow in cyber security at the Center for Strategic and International Studies in Wa
“The damage has been significant.”
A few of the attacks have become public, including the 2007 theft from Lockheed Martin Corp. (LMT) of technology related to the F-35, the most advanced U.S. fighter jet. Intelligence officials say the damage is far more extensive than the limited public accounting suggests, and that China-based hackers have acquired data on a large number of major weapons systems and many minor ones. One former intelligence official described internal Pentagon discussions over whether another Lockheed Martin fighter jet, the F-22 Raptor, could safely be deployed in combat, because several subcontractors had been hacked.
In 2007-2008, the Pentagon gave secret briefings to about 30 defense companies alerting them to the aggressive spying effort and providing data to help defend against it, according to a person familiar with the process. The person did not know whether QinetiQ received the classified intelligence.
Investigators eventually identified the Shanghai-based hackers that broke into QinetiQ as a crack team, nicknamed the Comment Crew by security experts, which has also hit major corporations and political figures, including the 2008 presidential campaigns of Barack Obama and John McCain. At least one other Chinese hacking team also may have been involved, according to a person familiar with the investigation.