Computer Spies Breach $300B Fighter-Jet Project

suraj.sun writes "Computer spies have broken into the Pentagon's $300 billion Joint Strike Fighter project — the Defense Department's costliest weapons program ever — according to current and former government officials familiar with the attacks. Similar incidents have also breached the Air Force's air-traffic-control system in recent months, these people say. In the case of the fighter-jet program, the intruders were able to copy and siphon off several terabytes of data related to design and electronics systems, officials say, potentially making it easier to defend against the craft."

A project for our worst enemies

[elrous0]

Yeah--good luck with polishing THAT turd, China.

Re:A project for our worst enemies

[joocemann]

Yeah--good luck with polishing THAT turd, China.

Speaking of polishing turds. Is anyone else a bit appalled at the fact that we're spending 300 BILLION dollars on a fighter jet project? Come the **** on... We can already kick everyone on the planet's ass with amazing efficiency... Why more?

Lets check the KDR

~100k Iraqis vs ~4k US ... That's 25:1! And that's a very conservative estimate for Iraqi death.

It's not like we're ever going to war with a sophisticated Army anyway, they're all on our side!

300 billion dollars on new jets... I wish I had the $1000/citizen in tax dollars spent on something worthwhile.

Oops, sorry...that was me

I thought I was downloading the latest Windows 7 beta candidate
boy is my face red.

(ob: what's that knock on my door, I'll be *NO CARRIER*)

Re:Oops, sorry...that was me

[Arthur+Grumbine]

Note to self - do not end *NO CARRIER* joke with a closing parenthesis

Re:Oops, sorry...that was me

[ciggieposeur]

Note to AC: do not reply to yourself with a "note to self" using your real ID.

Only a few terabytes?

[Kayden]

What kind of connection do you need to have to get away with several terabytes of data before someone notices? Users on my network get pissy when someone downloads a few dozen megs.

Re:Only a few terabytes?

[Spazztastic]

What kind of connection do you need to have to get away with several terabytes of data before someone notices? Users on my network get pissy when someone downloads a few dozen megs.

Probably because they aren't on some residential asynchronous connection. I imagine them to be on at least something near a SONET connection.

Re:Only a few terabytes?

[Opportunist]

(cue spy mike in the cafeteria a few days ago)

"Bob, is it me or is the network reeeeally slow again t'day?"
"Yeah, wonder what the goons in IT are pissin' with today. Wish they'd tell us that before they start rewiring everything."

Re:Only a few terabytes?

[aliquis]

As a Swedish pirate with a fast cheap Internet connection all I can say is:

Future Gripen upgrade is imminent, take that Norway! :D

Welcome to the future.

Re:Only a few terabytes?

[TheRaven64]

They probably trickled it out over a long period. The more interesting question is how long ago the DoD noticed the breach and started providing doctored information. In the Soviet era, it was common to use this kind of thing for misinformation. Once a project has been compromised, you feed plausible-looking but wrong information down the leaking conduit for as long as possible. There was an interesting example of this posted on Wikileaks a year or so ago, of an American nuclear bomb design obtained from the Russians, which contained a few minor and difficult-to-find design flaws that would have prevented the bomb from actually working if it had been built along those lines.

Re:Only a few terabytes?

[Shakrai]

There was an interesting example of this posted on Wikileaks a year or so ago, of an American nuclear bomb design obtained from the Russians, which contained a few minor and difficult-to-find design flaws that would have prevented the bomb from actually working if it had been built along those lines.

So THAT'S why my nuclear bomb didn't work ;)

Re:Only a few terabytes?

[AHuxley]

Same as you needed in 1989.
A few lines of code and a modem.
Its not about downloading "terabytes" in realtime.
You shift it onto other networks and collect it later.
You got in on other networks, other networks can carry your data out.
A few more or less 'terabytes' on many networks is a nights spam.
Nobody is looking. When they do, your data is safe in its new home.

Re:Only a few terabytes?

[Loki_1929]

If it was a Plutonium weapon, they likely hid flaws in the implosion timing and geometry designs.

If it was a Uranium "gun" design, your weapon failed because you're an idiot. I mean seriously, a couple first-year engineering students with access to Wikipedia and a few thousand bucks can build those. Weaponizing the ore is the toughest part, and that's not difficult (just dangerous to your health).

Re:Only a few terabytes?

[Thiez]

> you feed plausible-looking but wrong information down the leaking conduit for as long as possible.

I assume it would be quite tricky to generate even a few gigabytes of plausible-looking 'data related to design and electronics systems' even if you had a whole day to prepare, and we are talking about multiple terabytes here, and while you are busy preparing the wrong information, the spies are still downloading the correct stuff. So unless you live in a movie where stuff that normally takes days can be done in 5 minutes when our protagonists start randomly pushing buttons on their keyboard with pretty pictures appearing on the screen accompanied by uninformative beeping sounds, it would probably be best to simply terminate the connection and start improving your security, look for backdoors that might have been installed, and so forth.

Re:Only a few terabytes?

It's not like the DoD wants to send anyone massive quantities to data on a regular basis.

(Corrected) It's not like the DoD wants to send non-intel agencies massive quantities to data on a regular basis.

Given that agencies are supposed to work together now, I imagine there is a bit more data transfer between agencies today. I'd also imagine that these are only done over secure connections so anything accessible by the public wouldn't get to a critical network by the fact that they aren't connected.

From the article:

The intruders entered through vulnerabilities in the networks of two or three contractors helping to build the high-tech fighter jet, according to people who have been briefed on the matter.

Given this statement though, it sounds as if the problem was improper network security at the (sub)contractor locations. If not a secure network issue, then improper access due to an authorized users making unauthorized attacks (i.e. spy).

Mij

Re:Only a few terabytes?

They also did that during the Reagan administration with a software package designed to run the valves on a natural gas pipeline.

http://www.msnbc.msn.com/id/4394002

The software was modified to run just fine for a while, but then go haywire. The end result was "...the most monumental non-nuclear explosion and fire ever seen from space...".

This occurred in 1982. I'm sure they're still doing exactly the same thing today.

Re:Only a few terabytes?

[xystren]

So "someone" had downloaded a few terabytes... Has anyone thought about what if some of the design/code has been changed? I would view that as a major threat also. Imagine a bug in the fire control systems that would prevent a weapon from firing when a certain signal is received? Or a limiter that would impact maneuverability during combat situation? We see this sort of thing with malware/spyware/adware all the time. Is it that inconceivable to see it in this kind of situation? What if the data breech is the red herring?

I personally think this aspect has been missed with the whole DATA BREECH drama. Not saying the data breech isn't important, I'm would also be concerned about the integrity of the data accessed. There seems to be only the concern for reverse engineering of the data, no one seems to be concerned about modification of the data.

Just my thoughts,
Xyst

Re:Only a few terabytes?

[eltaco]

espionage, counter-espionage, counter-counter-espionage, etc, are part of the doctrine and thus are usually planned and prep'ed way in advance. all it takes is a flip of a switch.

Re:Only a few terabytes?

[pmarini]

does it mean that the FBI, NSA and Big Brother AT&T also have a copy of these thanks to wholesale wiretapping?

Re:Only a few terabytes?

[hedwards]

The more interesting question is why the DoD has sensitive information hooked up to the net in any way. The only way of ensuring net based attacks are unsuccessful is by disconnecting from the net. Sure you still have to ensure that the people using the terminals are on the up and up, but that's a lot easier than keeping a large network full of sekrit goberment stuff secure.

I'm always amazed that this sort of information would be stored and used on internet connected computers, it just seems like asking for trouble. Historically the DoD has done a pretty incompetent job of securing its systems, which really makes one wonder how many of these advancements are now in the works in foreign states.

Re:Only a few terabytes?

[JCSoRocks]

Yeah, that's what happens when you have a, "shiny bomb-casing filled with used pinball machine parts."

Re:Only a few terabytes?

[StoatBringer]

Clearly, you simply need to connect the red wire to th
+++NO CARRIER+++

Re:Only a few terabytes?

[Kell+Bengal]

I am interested in your idea and would like to subscribe to your newsletter.

Re:Only a few terabytes?

[CopaceticOpus]

Try switching to Comcast(TM)! Their advanced security features would have detected this breach and put a stop to it after only a mere 250G was transferred. It's Comcastic(TM)!

(I just hope the spies didn't discover the fighter's only weakness, a small thermal exhaust port...)

Re:Only a few terabytes?

[ravenshrike]

They did with the AK-47

Re:Only a few terabytes?

[tomthegeek]

+1 Unabomber

Re:Only a few terabytes?

[Maximum+Prophet]

During the cold war, the US got wind that the Soviets were stealing natural gas pipeline control software, so they let them steal a version that had a logic bomb in it. When it blew up, it caused the largest non-nuclear explosion ever seen from space. http://www.msnbc.msn.com/id/4394002
Anyone who uses the stolen data is a fool. Good counter-spies have bad data available for immediate use.

Re:Only a few terabytes?

[meyekul]

I don't think you'd need to modify the whole archive of data to render it all useless.  I'm sure a few carefully altered decimal points is all you'd need to turn a $300B jet into a $300B burning piece of scrap metal.

Re:Only a few terabytes?

[StikyPad]

Turns out we already discussed that 5 years ago. http://slashdot.org/comments.pl?sid=98957&threshold=1&commentsort=0&mode=thread&pid=8438763

The evidence seemed to point to the story being BS.

Why?

[rotide]

Why are these sensitive systems connected to the public internet. Either directly or indirectly, whose bright idea was it? If you need a computer in the lab connected to the internet, fine, just keep the infrastructure seperate.

Re:Why?

[Spazztastic]

Why are these sensitive systems connected to the public internet. Either directly or indirectly, whose bright idea was it? If you need a computer in the lab connected to the internet, fine, just keep the infrastructure seperate.

You see, they weren't actually. They were on a private network but they were able to siphon off data by hanging a bucket off of the network cable and cutting a hole in it. The bits fell into the bucket, and the rest is history...

Re:Why?

[Thanshin]

If you need a computer in the lab connected to the internet, fine, just keep the infrastructure seperate.

You live in the past. Haven't you heard of the new airborne virii?

They're technically called. "I work in a lab and don't know shit about computers so I regularly download all info into my personal portable".

Re:Why?

[Kotoku]

Wait..I'm confused. The Internet is a series of buckets? What if the siphon tube gets clogged?

Re:Why?

[Spazztastic]

No, it's a series of tubes that can be siphoned off into a bucket. Look, kid, you're asking questions that are way above your head here...

Re:Why?

[QuantumRiff]

the secret data wasn't on the internet, according to the article. It was not compromised. Only "sensitive" data was compromised. So while they might be able to infer information about the fighter, and its capabilities, they don't have the design and code for it.

Re:Why?

[Kotoku]

Hey if I'm old enough to work for the government that should tell you I'm old enough to have an intelligent discussion!

Sloppy espionage ?

[Davemania]

Not to downplay this event but I really wonder why we don't hear much about espionage from western countries ? Are they better at it (rather than using malware or commonly avaliable tools) ? I am sure the Chinese etc have equally vulnerable systems.

Re:Sloppy espionage ?

[oldspewey]

Of course the US routinely penetrates Chinese systems in order to steal military secrets ... and in response we have developed an absolutely airtight national defence against the Mig-19 and all its variants.

Re:Sloppy espionage ?

[Thanshin]

Now, I sit down in my home in China, run some scripts, hack a US government computer, brag to my friends, etc.... Someone from the US government calls... wait a minute, no they didn't. No one even cared. But lets pretend they did care and they called some official in China and told them what was going on... *LAUGHTER AND LOTS OF POINTING* from the Chinese side.

I sit down in my home in Spain, run some scripts, hack a US government computer, brag to my friends, etc.... Someone from the spanish government takes a sip from his third coffee of the morning while vaguely rememorating the last time he did some work, many years before. Then, he decides it's a perfect day to go home before noon and leaves.

Re:Sloppy espionage ?

[m50d]

1) a foreign country doesn't want to loose face

Yeah, they'd end up looking rather slack-jawed.

Re:Sloppy espionage ?

[Maximum+Prophet]

The MIG-23 is a awesome jet, but if we wanted any secrets from it, all we had to do was buy one for $20,000 and a case of vodka during the breakup of the Soviet Union.

counterinteligence

[deathguppie]

There is just as good a chance that the information stolen is bad information, as there is that it is good information. Now the Chinese/Russian spies need to determine what is and isn't good information from what they stole

Open source.

[dtml-try+MyNick]

2009, the year of the open source Jet Fighter.

Re:Open source.

[TheRaven64]

Actually it won't, and this is one of the reasons a few countries pulled out of the JSF project. The DoD is refusing to release source code for the weapons-control systems and their partners did not want to be flying expensive fighters when they had not been able to audit the code that controlled the weapons and had no idea if the USA had added a remote kill switch (the key for which had then been stolen by enemy-of-the-day and used to disable the fighters).

Re:Open source.

It's not the DoD, it's the Department of State. Stupid ITAR. I have to deal with it, because I (used to) manufacture a small amount of small arms ammunition (largely specialty loads for uncommon, or almost extinct cartridges, you might say) for consumption ONLY in the US. Not only do you have to register fingerprints, bodily fluids and your first born son with the BATF to get the license to manufacture ammo for sale, you have to pay the DoS about 1700 a year, to register as a manufacturer.

I didn't know about ITAR upfront, and after updating their policies, and only really began learning about it after the BATF reported me to the DoS after several years of putting along, manufacturing about 6000 rounds a year and having fun--it didn't pay a whole lot, but it was a part time business that was actually growing. The back fees put me out, and I had to rescind my 06 FFL for making ammo to avoid going bankrupt.

The premise is, it's supposed to keep our military secrets from falling into enemy hands, but it has such a broad scope that it effects tons of people who don't work on anything remotely sensitive--and good luck trying to get an exemption. It might not be so bad, but it effects lots of people doing no exporting whatsoever, and it also affects academics doing research in fields which are not always so obviously related to armaments... It only adds insult to injury, to see that all of this registration bullshit fails so completely in protecting the REAL secrets. Though, I'm not surprised to learn that it was a government office which was compromised.

It's all the more more frustrating to know that they won't learn a fucking thing from this. If only the pentagon were forced to pay a multi-million dollar fee to the DoS, like a private corporation would.

Comment removed

[account_deleted]

Comment removed based on user account deletion

If I'd spent 300 billion on a project

[VShael]

If I'd spent 300 billion on a project that didn't deliver the goods, I might be tempted to stage an internet break in which would force the projects cancellation, saving face for all concerned.

Speaking of, how much money has been wasted on the missile defence shield? 4 years ago, they were saying 50 billion. Today I think it's up to 115 billion. And of course, it still doesn't work. (And most likely never will.)

Will we see a "break in" on that research any time soon?

Bang for my buck

[KneelBeforeZod]

300 Billion taxpayer dollars?!? Do they transform into giant robots?

this is the second

[nimbius]

article blaming china for hacking in the past 6 months. the US must always have an enemy it seems.

first they say "many details couldnt be learned" such as origin, then the article does an about face and implies it came from china...are we just blaming the new kid for everything!?

could this "breech" have been some misinterpretation of say, a backup job being run? the US Navy has a history of this http://en.wikipedia.org/wiki/Iran_Air_Flight_655

Open Air Policy

[kenp2002]

Again reinforcing the need to return to the "Open Air Policy" that any secret or top secret network must have a "nothing but open air" between the secure system and unsecure system. Prior to the 90s many secure networks had a single cable, usually with a manual breaker, that would be enable only as a specific scheduled time, and the end point on the unsecure side was a single terminal (2 NICs, 1 to unsecure network on one subnet, then the secure network on another) where both network cards were phsyically impossible to operate at the same time (the reason for 2 NICs is the secure NIC is an encrypted card)

Seriously, you should never be able to tget from A -> B -> C where A is a public network and C is a secret or top secret network.

Hell last weekend I was at a shop where the DEV network was self contained and the only way they got code builds was compiled on the DEV network (12th floor) then sneaker-net'ed to the testing environment via optical disk (8th floor).

P.S.F.F The office on the 9th floor still has token ring... WTF who still uses Token Ring? Seriously? I mean it's friggin Token Ring... I remember working on Norwest Mortgage's (bought by Wells Fargo) token ring to ethernet conversion, what 12 years ago now... Jebus Rice that was a long time ago now it seems...

Re:Responsibility

[VShael]

There Are So many randomly capped wordS in tHAT post, I thought you were posting in code.

The real story

[British]

I know someone who was involved with this. They stored the project's blueprints on a video game cartridge. It could only be accessed if you played all the way through the end of the game. After that, the blueprints showed, wireframe graphics & all.

didn't deliver the goods?

[wiredog]

The F-35 is barely out of R&D. It hasn't had a chance to "not deliver" yet.

I call bullshit, maybe

[gentlemen_loser]

Systems containing classified data are NEVER connected to the internet. Any classified data that was siphoned off was left their either maliciously or through stupidity by someone on the inside. In either case, if this really did happen, the person should be tried for treason. Not only are these other networks locked down from the internet, they are also locked down physically - kept away from windows, often in a vault and physical access is tightly controlled.

Any other data that was acquired was probably crap. I strongly suspect that this is another case of fear mongering by an organization trying to get additional funding.

The alternative, which is almost too scary for me to consider, is that we have changed our practices and now leave sensitive information critical to our defense on unprotected systems.

Re:I call bullshit, maybe

[sunking2]

I think to a great extent your perception of what the security around a lot of the F-35 program is a bit over zealous. F-35 is an ITAR program, which mainly means can't be worked on my foreign nationals. All the data is secured, but primarily its not on its own network. My guess is this data probably came out of a hack or someone who got access to something like a DOORS or Team Center server and just started grabbing stuff. Now granted, some things are greater protected than others. But I can say we work extensively on flight controls and other things of importance and security is there as more a nuisance than anything else.

Keep in mind F35 is not a black project. Those get their own network, machines locked behind big doors, big approval list to install programs, etc. F35 is such a large project with so many subcontractors that this doesn't surprise me one bit. Security is largly there to pass an audit, and that's about it.

This whole piece of largely fear mongering to get money approved to create some more bureucracy. Chances are nothing of importance was even gotten as the F35 will be exported to so many countries anyway.

Not even Jack Bauer can prevent leaks

[patro]

It doesn't matter if the data is on the Internet. No matter how well you protect your data there always are rogue agents on the roster who have access to everything and can operate undetected for a long period of time.

I'm not kidding. I have my sources. I watch 24 after all.

Do not underestimate Western-security procedures.

[reporter]

Do not underestimate the cleverness of American-intelligence procedures.

Note that Chinese intruders succeeded in numerous attempts at downloading information related to the F-35 jet fighter. After the 1st such attempt, American intelligence would have become aware of the incident.

If you were a smart intelligence officer, what would you do after the 1st attempt?

You would not publicly announce the breach of security. Rather, you would plant false data into the same computer which was compromised. When the Chinese hacker returns to it to download even more information, then he would get gigabytes of fake data.

The aim is for the Chinese military to develop countermeasures against F-35 performance characteristics that does not exist. When the actual F-35 is deployed, it will defeat those countermeasures and deliver its nuclear payload to Beijing -- on time and on target.

Re:Do not underestimate Western-security procedure

[AHuxley]

"smart American intelligence officer" - in Georgia (country), Iraq (red zone) or 'near' Pakistan or Latin America.
The rest are in the private sector.
What you have left watching some of your servers can be seen thanks to Gary McKinnon.
http://en.wikipedia.org/wiki/Gary_McKinnon

Counterfeit Cisco Gear Perhaps?

[RunzWithScissors]

You may remember that /. ran the following several stories:
Feds Seize $78M of Bogus Chinese Cisco Gear
http://slashdot.org/article.pl?sid=08/02/29/1642221
and
FBI Says Military Had Counterfeit Cisco Routers
http://it.slashdot.org/article.pl?sid=08/05/09/164201&from=rss

Lets see, extra chips on a piece of equipment that handles all the network traffic, which would include NFS and a variety of other plain text protocols (why would someone use encryption on a "secure" network). Add to that a sprinkling of Teredo
http://en.wikipedia.org/wiki/Teredo_tunneling

And looks to me like it's very likely that someone could steal whatever they wanted.

Good thing all our corporate suppliers are bound by contracts that would totally be enforced by this foreign government who's providing the bogus equipment. Didn't think about that, did you, stupid corporate outsourcing asshat.

-Runz

Re:Do not underestimate Western-security procedure

[us7892]

And, do not overestimate Western security procedures.

Re:Do not underestimate Western-security procedure

[shadow349]

You would not publicly announce the breach of security. Rather, you would plant false data into the same computer which was compromised. When the Chinese hacker returns to it to download even more information, then he would get gigabytes of fake data.

Fake data? Bah. I'd much rather we plant bad information that will cause the most monumental non-nuclear explosion and fire ever seen from space.

7.5 million lines of computer code

[viralMeme]

"The Joint Strike Fighter, also known as the F-35 Lightning II, is the costliest and most technically challenging weapons program the Pentagon has ever attempted. The plane, led by Lockheed Martin Corp., relies on 7.5 million lines of computer code, which the Government Accountability Office said is more than triple the amount used in the current top Air Force fighter"

Ohh, fuck .. Lockheed's F-22 Raptor Gets Zapped by International Date Line

I recall one where the pilot wondered what would happen if he pressed the 'gear up' lever while still on the ground. The gear retracted and the aircraft was severely damaged.

Re:Do not underestimate Western-security procedure

[DynaSoar]

> "smart American intelligence officer" - in
> Georgia (country), Iraq (red zone) or 'near'
> Pakistan or Latin America.
> The rest are in the private sector.

They are civilians, not "private sector". Who their employer contracts to makes the difference. Civilian psyops specialists have always been a prominent part of theory and field work. The psyops 'bible' was written by a civilian: Dr. Paul "E.E. 'Doc' Smith" Linebarger.

As for the military intelligence people, what was said about planting false data about the plane applies to the external appearance of the intelligence community. You don't want the enemy to know how many troops you have and what their capabilities are. The same goes for your intelligence capabilities.

While the media reports various intelligence shortcomings and fuckups, and congress investigates same whether they happened or not, some of the smartest people you'll never meet are running around inside the Pentagon's various intelligence offices, and in and out of offices that same entirely different things on the door. Some of them are running an intelligence agency operating within the US, including field operations, that rivals the CIA in quantity and quality of results. Of course this can't be true because the US military is not allowed to conduct operations against US civilians without a federal decree of martial law, right?

Re:bad day for the airforce

[thrillseeker]

I'll start believing the editors of the new york times are competent at military analysis shortly after I believe the editors at the new york times are competent at running a profitable newspaper

Re:Do not underestimate Western-security procedure

[rgarbacz]

When the actual F-35 is deployed, it will defeat those countermeasures and deliver its nuclear payload to Beijing -- on time and on target.

Why do you want to deliver a nuclear payload to Beijing or anywhere?
Is it your answer to the security problems?

I would say that a better way (better for the humankind) is to improve the safety of sensitive information and the defense, instead of looking where and how to send a nuke.
Do not say it is not what you meant, because it is exactly what you meant.

Re:Do not underestimate Western-security procedure

[Dan+Ost]

"Why build one when you can build two for twice the price?"

Do not overestimate Western-security procedure

[Gary+W.+Longsine]

You're fooling yourself. This could have been going on for years, and somebody just noticed because they installed an IDS upgrade, or turn on a new rule or something. The impression that the entire US government has their computer security ducks in a row is comforting, perhaps, but not really true.

Government Regs on How to Transmit Classified Data

[eric02138]

Check out the DoD's guidelines for securing classified data:
http://nsi.org/Library/Govt/Nispom.html

Especially pertinent here is Transmission policy for different types of classified data
http://nsi.org/Library/Govt/Nispom.html#link5
and network security
http://nsi.org/Library/Govt/Nispom.html#link8

Not exactly scintillating reading, but them's the rules.

Re:bad day for the airforce

[Culture20]

the marines, the army, the navy: they all have their own fighter wings

Didn't the Air Force start out as the Army Air Force, and then break off as its own military branch?

Re:Do not underestimate Western-security procedure

[couchslug]

"When the actual F-35 is deployed, it will defeat those countermeasures and deliver its nuclear payload to Beijing -- on time and on target."

Nice try. The F-35 is not a nuclear delivery system but a light tactical fighter-bomber.