The USA suffered a major breach last week as hackers from China gained access to system designs for weapons such as the Patriot PAC-3 missile. It wasn't just land systems that were spied upon but also air based systems with plans for the Black Hawk helicopter being compromised as well as the Littoral Combat ship, America's coastal defence trump card.
Although US authorities are being careful to play down the potential consequences of the breach, this is nonetheless a massive embarrassment to the state which pledged huge sums of money to counter the growing cyber threat, especially from other nations.
Security company TripWire has commented on the attack with its Chief Technology Officer, Dwayne Melancon saying:
”The report identifies the problem, but the recommendations still sound a lot like "We're developing a plan for a plan," which means the gap between attacker and defender capabilities will continue to widen. If this is the case, more critical data will be stolen and we won’t be able to do anything about it.
The attacks are obviously a concern, but the bigger issue is the ineffectiveness of the efforts thus far. In the report, the DoD says their 'numerous' efforts are fragmented and unaligned. As a result, they've declared that they are not prepared to defend against this threat.
The report also states that the use of attack tools downloaded from the Internet is 'very successful' at defeating the DoD's systems, and 'it will take years for the Department to build an effective response…' The only way to interpret this statement is that DoD’s approach to cyber security is fundamentally broken.
Structure and process can be effective cyber security tools, but the reality is that cyber attackers are extremely adaptable and nimble so a rigid approach to defense gets in the way. The key challenge for the U.S. will be "re-imagining" how we approach this battle so that we can create a much more resilient and aware set of cyber security capabilities.”
TripWire's Director of Security Operations, Andrew Storms, puts the attack into the context of modern methods of spying:
“Espionage is espionage, it’s always been a feature of international politics and it always will be. The problem is that today’s ‘secret agents’ don’t have a face and they don’t need physical access to the information they are trying to steal.
Obviously, having the secret details of your most advanced weapons systems exfiltrated is a serious indictment of our national cyber security program.”