Hackers allegedly supported by the Chinese government have infiltrated the systems of civilian airlines, transport services, shipping firms and other private companies serving as military contractors multiple times, according to a new report made public by the Senate Armed Services Committee.
Following a year-long investigation that concluded in March, the senate panel revealed that the U.S. Transport Command (Transcom) has been left mostly in the dark about the 50 cyber-intrusions that affected its private contracts. At least 20 of these intrusions, the senate committee says, have been successful in planting malicious malware that have allowed the hackers to sneak into the contractors' private networks. However, Transcom was only made aware of these attacks two times, which the senate committee finds "a troubling finding given the potential impact of cyber intrusions on defense information and operations."
Transcom is one of the nine commands of the Department of Defense and is responsible for transporting people, food, fuel, ammunition and other supplies in times of crisis. Committee chairman Sen. Carl Levin of Michigan says the cyber-attacks, which involved stealing usernames and passwords, documents and email content, have the "potential to impact military operations" because the military relies largely on its vast network of contractors for deployment of people and supplies during emergency situations.
"Peacetime cyber compromises of the networks of operationally critical contractors could prove valuable to foreign governments as a source of intelligence about network operations or to establish a foothold in contractor networks, either of which could be exploited in a contingency," says the committee.
The report says 12 contractors were found to have their systems breached, but the committee did not specify what these companies were. Bloomberg Intelligence has conducted an investigation to find out the top Transcom contractors based on the number of contracts awarded since 2010. These companies include FedEx, Evergreen Holdings, A.P. Moeller-Maersk, United Parcel Service and Neptune Orient Lines.
Dmitri Alperovitch, chief technology officer of online security firm Crowdstrike, says that the Chinese government has long been interested in the U.S. military's logistical operations. The senate committee agrees to this assertion, saying that knowledge of the military's logistical patterns allows the Chinese to prevent the Pentagon from efficiently responding during emergencies.
The Chinese government, through the Chinese embassy in Washington, denies the allegations made by the senate committee.
"Judging from past experience, those kinds of reports and allegations are usually based on fabricated facts and groundless," says Chinese embassy spokesperson Geng Shuang.
