Hackers Breach the Joint Strike Fighter Program

Cyberwarfare ratchets up as intruders siphon information from the Pentagon's most sensitive and expensive weapons program. Are Chinese hackers responsible?

After frightening revelations that hackers have already managed to break into the computer systems that control huge swaths of the United States’ power grid and other pieces of national infrastructure, the Wall Street Journal reports that cyber-spies have broken into the Pentagon’s Joint Strike Fighter program — its costliest initiative — and made off with several terabytes of sensitive data. Hackers have also managed to get into the Air Force’s air-traffic-control system, the Journal reports.

The identity and national origin of the hackers can’t be reliably determined, but the Journal cites former U.S. officials as saying that the attacks seem to have come from computers in China. Because it’s such an easy matter to mask one’s IP address online, however, the source of the attacks is nearly impossible to determine definitively.

China’s state-run Global Times newspaper responded that Chinese citizens couldn’t have been responsible, because “from a technical point of view, on the global scale hackers in the U.S., Russia, and Israel are at a higher level than those in China.” But our recent reporting on the culture of hacking in China suggests that the Global Times‘s low opinion of its country’s hackers isn’t justified — or at least it won’t be for long. A Pentagon report released when our article was published last month says that China has made “steady progress” in refining new cyberwarfare strategies and techniques. And as our writer Mara Hvistendahl discovered in China, there’s an ever-more-vague distinction between the civilian and military roles of hackers there. Nationalistic young people, responding to a surge of popular esteem for hackers, compete among each other for bragging rights. The Chinese military, meanwhile, sponsors hacker competitions and hand-picks particularly skilled operatives for vaguely defined state-sponsored contracts. Nationalistic civilian hackers, it seems, are just as dangerous to the United States as a centralized military “hacker command”.

And as Hvistendahl’s article points out, the threat from hackers — Chinese hackers in particular — has been thoroughly overlooked. The United States has no centralized force for defending against such attacks (although the Obama administration is rumored to be planning a military command for cybersecurity). And in the meantime, offices across the U.S. are under siege. The Associated Press quotes New York Police Commissioner Raymond Kelly as saying that the New York Police Department is attacked at least 70,000 times each day, although no attack has yet been successful. As the Wall Street Journal so frighteningly puts it: “Attacks like these — or U.S. awareness of them — appear to have escalated in the past six months, said one former official briefed on the matter.”