US reports 20 Chinese intrusions in TRANSCOM contractor networks
Hackers with links to the Chinese Government have successfully infiltrated the computer systems of US Transportation Command (TRANSCOM) contractors at least 20 times in a single year, a Senate Armed Services Committee report has revealed.
Entitled 'Inquiry into Cyber Intrusions Affecting US Transportation Command Contractors', the report alleges that TRANSCOM was aware of only two intrusions, even though there were approximately 50 intrusions or other cyber events into contractors' computer systems in a one-year period beginning June 2012.
The successful 20 intrusions were directed towards China, and were attributed to an 'advanced persistent threat', a term used to designate sophisticated threats commonly associated with governments.
Senate Armed Services Committee chairman Carl Levin said: "These peacetime intrusions into the networks of key defence contractors are more evidence of China's aggressive actions in cyberspace.
"Our findings are a warning that we must do much more to protect strategically significant systems from attack and to share information about intrusions when they do occur."
Senate Armed Services Committee ranking member Jim Inhofe said: "We must ensure that cyber intrusions cannot disrupt our mission readiness.
"It is essential that we put into place a central clearinghouse that makes it easy for critical contractors, particular those that are small businesses, to report suspicious cyber activity without adding a burden to their mission support operations."
The report was devised after a year-long investigation, which primarily focused on the US military's ability to tap civilian air, shipping and other transportation assets to rapidly deploy US forces worldwide in times of crisis, under programmes such as the Civil Reserve Air Fleet (CRAF).
The report also found gaps in reporting requirements and a lack of information sharing among government entities, which left TRANSCOM largely unaware of computer compromises on contractors, which are key to the mobilisation and deployment of military forces.
The US Department of Defense and the FBI were aware of at least nine other successful intrusions by China into TRANSCOM contractors, according to the report.
In response to the findings, the committee included a provision in its version of the National Defense Authorisation Act for Fiscal Year 2015, which is directed at addressing reporting gaps and improving the way in which TRANSCOM disseminates information about cyber intrusions into the computer networks of operationally critical contractors.