CHINESE computer spies are suspected of having cracked the Pentagon's $500 billion Joint Strike Fighter program, accessing top-secret files containing details of the aircraft's stealth design and electronics.

Details of the brazen break-in were reported yesterday in The Wall Street Journal newspaper, citing current and former US government officials.

The Royal Australian Air Force has placed a tentative order for 100 of the F-35 JSFs for about $16 billion, easily making it Australia's biggest defence purchase.

Last night, Defence confirmed it was aware of the report and was seeking more information. "Defence has seen the US reports and will discuss the issues raised with the JSF Program office in due course," it said in a written response to questions from The Australian.

A Canberra-based spokesman for the JSF's maker, Lockheed Martin, said a statement was expected today from head office in the US.

The JSF program is the US Defence Department's costliest, and according to the WSJ, the spies were able to siphon off "terabytes of data related to design and electronics systems", potentially making it easier to defend against the stealth-protected aircraft.

"Former US officials say the attacks appear to have originated in China. However, it can be extremely difficult to determine the true origin because it is easy to mask identities online," the WSJ said.

Unnamed US officials are quoted as saying cyber attacks on military projects appear to have escalated in the past six months.

According to the WSJ, a Pentagon report issued last month warned that the Chinese military had made "steady progress" in developing online-warfare techniques.

China hopes its computer skills can help it compensate

for an underdeveloped military, it said.

The F-35 JSF has proved a contentious buy, with critics saying the Rudd Government should have been more forceful in trying to pursuade the US to sell the RAAF the more expensive F-22 Raptor.

Unlike the JSF, the Raptor is operational but prohibited from export.

The JSF is intended to replace the ageing fleet of F-111 strike aircraft and the frontline F/A-18 jet fighters.

While Australia can expect to retain a technology edge over its immediate neighbours in Southeast Asia, China will acquire 500-600 advanced fighter bombers over the next 30 years and is expected to surpass the US as the leading air power in East Asia

http://www.theaustralian.news.com.au/story/0,25197,25368297-31477,00.html

Obviously the article has a Aussie slant but nonetheless it's concerning for all the countries involved in the JSF project.


According to the WSJ, a Pentagon report issued last month warned that the Chinese military had made "steady progress" in developing online-warfare techniques.

I hope we're at least on par.

I think this is brilliant :thumb001:

The Chinese are industrious people who are obviously diversifying their military intelligence sector - kudos to them.

We, on the other hand, are dumb enough to still be transferring and storing military information on the world wide web.

Why they don't establish and use a more secure (or internal??) military network is simply beyond me.

It serves them right :coffee:

We, on the other hand, are dumb enough to still be transferring and storing military information on the world wide web.

Why they don't establish and use a more secure (or internal??) military network is simply beyond me.

According to a discussion on one of the news/talk radio programs here, it was on an internal (not on internet) network. The security breach was blamed on Lockheed Martin outsourcing some work on the plane outside the US, apparently the access was gained via Turkey and 'another country' which is probably Israel. I'm not sure exactly what the original source is for these claims, and the US government is keeping tight-lipped about the incident.

Edit: Found the article. Apparently the most secret info was not on internet-connected computers, but some data was accessed probably by China, at least some breaches occurring via Turkey and 'another country':

http://online.wsj.com/article/SB124027491029837401.html

Computer spies have broken into the Pentagon's $300 billion Joint Strike Fighter project -- the Defense Department's costliest weapons program ever -- according to current and former government officials familiar with the attacks.

Similar incidents have also breached the Air Force's air-traffic-control system in recent months, these people say. In the case of the fighter-jet program, the intruders were able to copy and siphon off several terabytes of data related to design and electronics systems, officials say, potentially making it easier to defend against the craft.

The latest intrusions provide new evidence that a battle is heating up between the U.S. and potential adversaries over the data networks that tie the world together. The revelations follow a recent Wall Street Journal report that computers used to control the U.S. electrical-distribution system, as well as other infrastructure, have also been infiltrated by spies abroad.

Attacks like these -- or U.S. awareness of them -- appear to have escalated in the past six months, said one former official briefed on the matter. "There's never been anything like it," this person said, adding that other military and civilian agencies as well as private companies are affected. "It's everything that keeps this country going."

Many details couldn't be learned, including the specific identity of the attackers, and the scope of the damage to the U.S. defense program, either in financial or security terms. In addition, while the spies were able to download sizable amounts of data related to the jet-fighter, they weren't able to access the most sensitive material, which is stored on computers not connected to the Internet.

Former U.S. officials say the attacks appear to have originated in China. However it can be extremely difficult to determine the true origin because it is easy to mask identities online.

A Pentagon report issued last month said that the Chinese military has made "steady progress" in developing online-warfare techniques. China hopes its computer skills can help it compensate for an underdeveloped military, the report said.

The Chinese Embassy said in a statement that China "opposes and forbids all forms of cyber crimes." It called the Pentagon's report "a product of the Cold War mentality" and said the allegations of cyber espionage are "intentionally fabricated to fan up China threat sensations."

The U.S. has no single government or military office responsible for cyber security. The Obama administration is likely to soon propose creating a senior White House computer-security post to coordinate policy and a new military command that would take the lead in protecting key computer networks from intrusions, according to senior officials.

The Bush administration planned to spend about $17 billion over several years on a new online-security initiative and the Obama administration has indicated it could expand on that. Spending on this scale would represent a potential windfall for government agencies and private contractors at a time of falling budgets. While specialists broadly agree that the threat is growing, there is debate about how much to spend in defending against attacks.

The Joint Strike Fighter, also known as the F-35 Lightning II, is the costliest and most technically challenging weapons program the Pentagon has ever attempted. The plane, led by Lockheed Martin Corp., relies on 7.5 million lines of computer code, which the Government Accountability Office said is more than triple the amount used in the current top Air Force fighter.

Six current and former officials familiar with the matter confirmed that the fighter program had been repeatedly broken into. The Air Force has launched an investigation.

Pentagon officials declined to comment directly on the Joint Strike Fighter compromises. Pentagon systems "are probed daily," said Air Force Lt. Col. Eric Butterbaugh, a Pentagon spokesman. "We aggressively monitor our networks for intrusions and have appropriate procedures to address these threats." U.S. counterintelligence chief Joel Brenner, speaking earlier this month to a business audience in Austin, Texas, warned that fighter-jet programs have been compromised.

Foreign allies are helping develop the aircraft, which opens up other avenues of attack for spies online. At least one breach appears to have occurred in Turkey and another country that is a U.S. ally, according to people familiar with the matter.

Joint Strike Fighter test aircraft are already flying, and money to build the jet is included in the Pentagon's budget for this year and next.

Computer systems involved with the program appear to have been infiltrated at least as far back as 2007, according to people familiar with the matter. Evidence of penetrations continued to be discovered at least into 2008. The intruders appear to have been interested in data about the design of the plane, its performance statistics and its electronic systems, former officials said.

The intruders compromised the system responsible for diagnosing a plane's maintenance problems during flight, according to officials familiar with the matter. However, the plane's most vital systems -- such as flight controls and sensors -- are physically isolated from the publicly accessible Internet, they said.

The intruders entered through vulnerabilities in the networks of two or three contractors helping to build the high-tech fighter jet, according to people who have been briefed on the matter. Lockheed Martin is the lead contractor on the program, and Northrop Grumman Corp. and BAE Systems PLC also play major roles in its development.

Lockheed Martin and BAE declined to comment. Northrop referred questions to Lockheed.

The spies inserted technology that encrypts the data as it's being stolen; as a result, investigators can't tell exactly what data has been taken. A former Pentagon official said the military carried out a thorough cleanup.

Fighting online attacks like these is particularly difficult because defense contractors may have uneven network security, but the Pentagon is reliant on them to perform sensitive work. In the past year, the Pentagon has stepped up efforts to work with contractors to improve computer security.

Investigators traced the penetrations back with a "high level of certainty" to known Chinese Internet protocol, or IP, addresses and digital fingerprints that had been used for attacks in the past, said a person briefed on the matter.

As for the intrusion into the Air Force's air-traffic control systems, three current and former officials familiar with the incident said it occurred in recent months. It alarmed U.S. national security officials, particularly at the National Security Agency, because the access the spies gained could have allowed them to interfere with the system, said one former official. The danger is that intruders might find weaknesses that could be exploited to confuse or damage U.S. military craft.

Military officials declined to comment on the incident.

In his speech in Austin, Mr. Brenner, the U.S. counterintelligence chief, issued a veiled warning about threats to air traffic in the context of Chinese infiltration of U.S. networks. He spoke of his concerns about the vulnerability of U.S. air traffic control systems to cyber infiltration, adding "our networks are being mapped." He went on to warn of a potential situation where "a fighter pilot can't trust his radar."

I think that our government should withdraw from the JSF project right now.
This costly farce has been going on for too long (with Dutch taxpayers' money and empty promises) and now this situation comes along !

One thing for sure: those Chinese hackers are brilliant and they have done their country a great service but now that the secrets are on street for all to see: why should be bother to spend even one more penny on this costly farce ?