Slashdot Mirror

← Back to Stories (view on slashdot.org)

China Hacked a Navy Contractor and Secured a Trove of Highly Sensitive Data on Submarine Warfare (washingtonpost.com)

Posted by msmash on from the breaking-news dept.

Ellen Nakashima and Paul Sonne, reporting for The Washington Post: Chinese government hackers have compromised the computers of a Navy contractor, stealing massive amounts of highly sensitive data related to undersea warfare -- including secret plans to develop a supersonic anti-ship missile for use on U.S. submarines by 2020, according to American officials. The breaches occurred in January and February, the officials said, speaking on the condition of anonymity to discuss an ongoing investigation. The hackers targeted a contractor who works for the Naval Undersea Warfare Center, a military organization headquartered in Newport, R.I., that conducts research and development for submarines and underwater weaponry. The officials did not identify the contractor. Taken were 614 gigabytes of material relating to a closely held project known as Sea Dragon, as well as signals and sensor data, submarine radio room information relating to cryptographic systems, and the Navy submarine development unit's electronic warfare library. The Washington Post agreed to withhold certain details about the compromised missile project at the request of the Navy, which argued that their release could harm national security.

3 of 112 comments (clear)

  1. Heard this before by eneville · · Score: 3, Informative

    ... it was in the book 'The Cuckoo's Egg'.

    --
    Why UNIX?
  2. Could harm national security? by Viol8 · · Score: 3, Informative

    I think that horse has bolted and is grazing happily in a field right now.

    You'd think a defense contractor would know not to store top secret information on internet accessible machines but I guess there's stupid in every organisation.

  3. "sensitive" not the same as "classified" by david.emery · · Score: 4, Informative

    The rules for protecting Sensitive data are less stringent than for actually Classified data. (And just because some reporter uses the word 'secret', I'm not convinced from this article that the material was actually classified.)

    If classified data was actually placed on a machine that was not properly secured, multiple people should go directly to jail. If this was a breach of a contractor system with 'FOUO' sensitive (but not classified) data, then there's a much higher bar for 'go to jail.' That being said, I'd fully expect there to be substantial consequences against the contractor, up to being kicked off and forbidden to bid on subsequent contracts.