Print 43 comment(s) - last by bjacobson.. on Apr 22 at 7:39 AM

F-35 Lightning II fighter jet  (Source: BAE)
Information regarding the U.S. government's next-generation aircraft was hacked into on numerous occasions

About 11 days after a report indicated foreign cyberspies targeted the U.S. electrical grid, another report has revealed cyberspies successfully attacked the Pentagon's Joint Strike Fighter project, according to media reports.  Several Joint Strike Fighter aircraft are already flying, with future development costs already factored into the Pentagon's budget in 2009 and 2010.

Intruders were able to copy saved information regarding the design and electronics systems of the F-35 Lightning II fighter jet, which could make it easier to defend against its capabilities.  Computer systems used for the project were originally compromised as early as 2007, and have continued to be targeted by intruders.

Whoever was hacking into the system investigated the plane's design, performance statistics, and specific details regarding its electronic systems, according to the official.  It appears computer networks used by contractors can be blamed for the original security breach, sources said.  Lockheed Martin, Northrop Grumman, and BAE System are working on the project alongside the US government.

The most sensitive information -- which is stored on computers not connected to the internet -- was not breached by intruders, it was reported.  All information stolen was encrypted during the theft, which has made it nearly impossible for government security experts to see which information was compromised.

The Air Force declined to make a statement to the Wall Street Journal, but an internal investigation was reportedly launched into the matter.  It appears the attacks originated to Chinese IP addresses, investigators said with a "high level of certainty."

The federal government is aware there is a growing cyber threat from organized computer hacking rings, but has been very slow to react to the new threats.  Hackers have targeted the Federal Aviation Administration (FAA)'s air traffic control system, along with the U.S. power infrastructure.

Many western nations, including officials in the U.S., blame China for launching organized attacks against numerous targets, though the Chinese government has shrugged off numerous accusations.  The country "opposes and forbids all forms of cyber crimes," according to a statement issued by the Chinese Embassy.

Comments     Threshold

This article is over a month old, voting and posting comments is disabled

Dumb Question...
By jskirwin on 4/21/2009 9:08:50 AM , Rating: 2
... but why are Top Secret networks hooked up to the internet? Shouldn't they be completely isolated?

RE: Dumb Question...
By jarman on 4/21/2009 9:10:44 AM , Rating: 3
They aren't. Period. Much ado about nothing... FOUO information at best...

RE: Dumb Question...
By jskirwin on 4/21/2009 9:16:49 AM , Rating: 2
(from the WSJ article): The intruders compromised the system responsible for diagnosing a plane's maintenance problems during flight, according to officials familiar with the matter. However, the plane's most vital systems -- such as flight controls and sensors -- are physically isolated from the publicly accessible Internet, they said.

So they got the Top Secret information that was NOT isolated from the Internet, but didn't get the info that WAS isolated... So put everything you don't want spies to get on the isolated network. Problem solved, right?

RE: Dumb Question...
By jarman on 4/21/2009 9:25:16 AM , Rating: 2
The most sensitive information -- which is stored on computers not connected to the internet -- was not breached by intruders, it was reported...

RE: Dumb Question...
By Master Kenobi on 4/21/2009 9:28:13 AM , Rating: 1
Ditto. All the top secret information is not connected to the internet. Standard practice on all classified projects.

RE: Dumb Question...
By Mojo the Monkey on 4/21/2009 12:27:01 PM , Rating: 4
Or maybe they just say this to save face. It wouldnt be the first time.

"They didnt get our super secret radar jamming thingy."

("Johnson, quick, get to work on a super secret radar jamming thingy!!")

RE: Dumb Question...
By FITCamaro on 4/21/2009 9:35:06 AM , Rating: 1
They didn't get any Top Secret information. They got unclassified data.

RE: Dumb Question...
By DeSade on 4/21/2009 9:34:40 AM , Rating: 2
Like jarman said above, the information that they were able to pull was FOUO (For Official Use Only). It is unclassified, but still not meant to be seen by everybody.

RE: Dumb Question...
By Baov on 4/21/2009 8:22:04 PM , Rating: 2
What does isolated mean? That to get info from it, you got to put it on a floppy and run to a computer with internet access?

RE: Dumb Question...
By bjacobson on 4/22/2009 7:39:05 AM , Rating: 2
Well, I doubt they would use a floppy, but yes, similar idea.

RE: Dumb Question...
By FITCamaro on 4/21/2009 9:32:36 AM , Rating: 2

Nearly all defense contractors have their data on servers connected to the internet. Because sometimes data needs to be accessed remotely over a secure connection or they need to do a data drop to a subcontractor. I'm sure there is certain data that they aren't allowed to have connected but the vast majority of it is.

RE: Dumb Question...
By FITCamaro on 4/21/2009 9:36:11 AM , Rating: 2
Let me clarify that the data defense contractors have connected to the internet is unclassified data but still subject to Export Control laws.

RE: Dumb Question...
By smackababy on 4/21/2009 9:38:53 AM , Rating: 2
None of the contractors I work with are allowed to connect remotely to their computers or data. Granted, I am in a coding shop so there might not be much need, but still.

Also, in order to be given a job concerning data of this nature, you need a Top Secret sercurity clearance. Not much of a chance for people already defected to "the enemy" going to get in.

RE: Dumb Question...
By FITCamaro on 4/21/2009 9:45:33 AM , Rating: 2
We are an F35 contractor here and do not require a clearance (otherwise we're in BIG trouble).

We likely have some of the data that was stolen by the sound of it. Not all data is the same. Some requires clearance, some doesn't. What was stolen does not.

RE: Dumb Question...
By DeSade on 4/21/2009 9:49:29 AM , Rating: 2
Off topic: How are you in big trouble by not requiring a clearance? Or am I just reading that incorrectly?

RE: Dumb Question...
By omnicronx on 4/21/2009 10:04:22 AM , Rating: 2
Or am I just reading that incorrectly?
Hes saying if clearance was required, his work is not currently operating that way, and thus his work would be in big trouble.

RE: Dumb Question...
By DeSade on 4/21/2009 10:07:03 AM , Rating: 2
Oh ok, thanks omnicronx for clearing that up for me.

RE: Dumb Question...
By Bender 123 on 4/21/2009 10:18:17 AM , Rating: 5
Dr Baltar...Paging Dr Baltar...A blond women is waiting for you by the defense system...

RE: Dumb Question...
By poundsmack on 4/21/2009 1:37:41 PM , Rating: 2
It used to be that the government had a different system. Here is a good video that gives a brief history.

"Let's face it, we're not changing the world. We're building a product that helps people buy more crap - and watch porn." -- Seagate CEO Bill Watkins
Related Articles

Copyright 2016 DailyTech LLC. - RSS Feed | Advertise | About Us | Ethics | FAQ | Terms, Conditions & Privacy Information | Kristopher Kubicki