WSJ Screams: Get the Chinese Out of Our Joint Strike Fighter Computers!

I think the Wall Street Journal is turning into the cyber equivalent of Chicken Little when it comes to Chinese Hackers. A couple of weeks ago they ran a story about Chinese Hackers trying to shut down the power grid, threatening to plunge the country back to the 18th century. Now they are screaming about the Joint Strike fighter program and how the Chinese have stolen the plans. Or at least, they stole something, no one really knows because it was encrypted… but everyone should panic anyways!

From the WSJ here:

Computer spies have broken into the Pentagon’s $300 billion Joint Strike Fighter project — the Defense Department’s costliest weapons program ever — according to current and former government officials familiar with the attacks. Joint Strike Fighter test aircraft are already flying, and money to build the jet is included in the Pentagon’s budget for this year and next.

The intruders were able to copy and siphon off several terabytes of data related to design and electronics systems, potentially making it easier to defend against the craft.

Six current and former officials familiar with the matter confirmed that the fighter program had been repeatedly broken into.  They say the attacks appear to have originated in China.

Computer systems involved with the program appear to have been infiltrated at least as far back as 2007. Evidence of penetrations continued to be discovered at least into 2008. The intruders appear to have been interested in data about the design of the plane, its performance statistics and its electronic systems.

The intruders compromised the system responsible for diagnosing a plane’s maintenance problems during flight. However, the plane’s most vital systems — such as flight controls and sensors — are physically isolated from the publicly accessible Internet, they said.

The intruders entered through vulnerabilities in the networks of two or three contractors helping to build the high-tech fighter jet. The spies inserted technology that encrypts the data as it’s being stolen; as a result, investigators can’t tell exactly what data has been taken.

Many details couldn’t be learned, including the specific identity of the attackers, and the scope of the damage to the U.S. defense program, either in financial or security terms. In addition, while the spies were able to download sizable amounts of data related to the jet-fighter, they weren’t able to access the most sensitive material, which is stored on computers not connected to the Internet. Investigators traced the penetrations back with a “high level of certainty” to known Chinese Internet protocol, or IP, addresses.

There have been multiple reports of chinese trojans that siphon off documents from victim machines.  The WSJ is panicking about the fact that these trojans have been on a few critical systems owned by DoD contractors.  But these trojans are everywhere-  banking computers, computers in law firms, and even in high schools.  And documents are indeed being stolen, including legal briefs and 11th grade homework assignments. And yeah, probably a few documents and internal memos related to defense contracting, and not just with the Joint Strike Fighter mission.

If the WSJ wants to be alarmed, they should find out how many of these same people who don’t patch their computers and allow Chinese trojans onto their systems – also leave their laptops in unlocked cars outside of bars during Happy Hour, where they are routinely stolen and sold on Craigslist.

The point is that data on an internet accessible machine is always vulnerable, and workers in the defense industry by and large know this.  Such computers are never supposed to have classified information on them, under penalty of law and under threat of having their contracts revoked. Any exfiltrated data may have been sensitive but it was unclassified.

And besides, what will the Chinese do with the information?  Build their own warplanes with our designs?  If there are any vulnerabilities in the fighter design, the Chinese only have the partial plans.  We have all of it.  And don’t get me started on Asian drivers pilots.