Confidential report lists U.S. weapons system designs compromised by Chinese cyberspies

Designs for many of the nation’s most sensitive advanced weapons systems have been compromised by Chinese hackers, according to a report prepared for the Pentagon and to officials from government and the defense industry.

Among more than two dozen major weapons systems whose designs were breached were programs critical to U.S. missile defenses and combat aircraft and ships, according to a previously undisclosed section of a confidential report prepared for Pentagon leaders by the Defense Science Board. Continue reading

Cyber-attackers penetrate Reserve Bank networks

The Reserve Bank of Australia’s computer networks have been repeatedly and successfully hacked in a series of cyber-attacks to infiltrate sensitive internal information, including by ­Chinese-developed malicious software.

The RBA is sufficiently concerned about these risks that it has had a private security firm carry out “penetration testing”, or authorised hacking, of its computer networks to assess the integrity of its digital defences. Continue reading

Chinese Army Unit Is Seen as Tied to Hacking Against U.S.

Headquarters building of PLA Unit 61398

On the outskirts of Shanghai, in a run-down neighborhood dominated by a 12-story white office tower, sits a People’s Liberation Army base for China’s growing corps of cyberwarriors.

The building off Datong Road, surrounded by restaurants, massage parlors and a wine importer, is the headquarters of P.L.A. Unit 61398. A growing body of digital forensic evidence — confirmed by American intelligence officials who say they have tapped into the activity of the army unit for years — leaves little doubt that an overwhelming percentage of the attacks on American corporations, organizations and government agencies originate in and around the white tower.

An unusually detailed 60-page study, to be released Tuesday by Mandiant, an American computer security firm, tracks for the first time individual members of the most sophisticated of the Chinese hacking groups — known to many of its victims in the United States as “Comment Crew” or “Shanghai Group” — to the doorstep of the military unit’s headquarters. The firm was not able to place the hackers inside the 12-story building, but makes a case there is no other plausible explanation for why so many attacks come out of one comparatively small area. Continue reading

Cyber Blitz

A recent series of cyber attacks on Japanese Internet sites originated in China and were viewed as a possible prelude to military action, according to defense officials familiar with details of the attacks.

Japan’s National Police Agency revealed last week that at least 19 Japanese websites were hit by cyber attacks timed to increase tensions between Tokyo and Beijing over the Senkaku islands.

U.S. officials said the sites affected included Japan’s Defense Ministry, Internal Affairs and Communications Ministry, and the country’s supreme court. Banking and utilities networks also were hit.

Other sites that were attacked included Japan’s Statistics Bureau and the government’s Internet TV, which were temporarily blocked. A university hospital network also was hit.

Earlier this month, up to six Chinese military vessels moved into Japanese waters and then withdrew, Japan’s coast guard reported.

According to one U.S. official, the Chinese-origin cyber attacks are considered a preview of how China’s military would conduct the opening phase of a military campaign. The official did not say China is preparing some type of military engagement with Japan over the islands, but warned that one could erupt through miscalculation.

The latest cyber attacks began in mid-September and appeared timed to Beijing’s growing animosity toward Japan over the island dispute.

The Japanese police said in a statement that the cyber attacks were “presumably connected” to the islands dispute. The attack targets were posted on the web site of the Chinese hacker group “Honker Union” and included “government executive agencies and important infrastructure companies.”

The National Police Agency stepped up monitoring of websites through the Cyber Force Center and alerted organizations listed as the attack targets. The center was seeking to analyze the attacks and prevent their spread, the statement said.

Tatsuo Kawabata, Internal Affairs and Communications minister, told Kyodo News that the ministry’s network was hit with an intermittent attack for a total of seven-and-a-half hours beginning Sept. 15. The attack was most intense on Sept. 16, when 95 percent of the traffic to the site originated in China.

The recent cyber attacks appeared to be less sophisticated than the kinds of cyber attacks that the Pentagon has detected in recent years and would likely precede a military conflict.

However, the attacks also appeared designed to give China’s government deniability for the digital strikes and could also be multiple purpose strikes for both political and military goals.

Many of the attacked websites were replaced with a Chinese flag and proclamations that China owned the Senkakus.

Japan’s National Police Association reported that the Chinese hackers had targeted 300 organizations in Japan, and that several thousand Chinese had posted notices of the planned attacks and hacker tools to be used on a chat site called “YY Chat.”

An official said one Chinese group behind the attacks was identified as a well-known group that is suspected of having ties to the Chinese government.

The group is called the Honker Union and surfaced several months ago after a period of relative quiet, the official said.

Full article: Cyber Blitz (Washington Free Beacon)