“We have seen the theft of information from commercial and government organizations for many years,” said security expert Ken Silva. “But this incident is a clear example of the national security implications of such breaches. It is increasingly more evident that defensive measures don’t always work and organizations need to assume there has been, or will be, a breach.”
Last week, reports of hacks from groups in Iran made big headlines. This week, headlines are pointing fingers at China once again.
The Washington Post got the ball rolling with a story carrying the headline “Confidential report lists U.S. weapons system designs compromised by Chinese cyberspies.” The headline is enough to drive panic in security circles, even if it’s not surprising. Many security analysts have been warning of this possibility for years.
The Post pointed to a report prepared for the Pentagon by Defense Science Board leaders. The Defense Science Board is a part of the Department of Defense that works to provide solutions to technological, operational and managerial problems.
Discovering the Breach
A spokesman for the Pentagon declined to discuss the list with The Post. But the spokesman, who was not authorized to speak on the record, told The Post in an e-mail, “The Department of Defense has growing concerns about the global threat to economic and national security from persistent cyber-intrusions aimed at the theft of intellectual property, trade secrets and commercial data, which threatens the competitive edge of U.S. businesses like those in the Defense Industrial Base.”
Ken Silva, senior vice president for cyber strategy of the Mission, Cyber and Intelligence Solutions group at ManTech International Corp., said that while it is not new that Chinese hackers have penetrated a number of companies and government agencies, this news is indicative of the types of information which have probably been gleaned from those penetrations.
“We have seen the theft of information from commercial and government organizations for many years. But this incident is a clear example of the national security implications of such breaches,” Silva told us. “It is increasingly more evident that defensive measures don’t always work and organizations need to assume there has been, or will be, a breach and put the proper tools and procedures in place to detect and deal with it quickly. Organizations without these tools and procedures have often made the discovery of a breach after months or even years of exploitation.”
What Enterprises Can Learn
Meanwhile, security experts are still talking about Iran, including Silva. As he sees it, the news regarding possible Iranian-backed hackers targeting the U.S. energy infrastructure is a clear indication that the stakes have been raised and that the methods by which nations will attempt to attack other nations are evolving rapidly.
“In general, nation-state attackers in China, Iran, Russia and South American countries are becoming more brazen and their attacks more complex, involving elaborate plans to steal intellectual property and money,” he said. “Now is the time for administrators and decision makers to either put a detection and mitigation strategy in place or finalize current plans so that quicker detection and mitigation of these types of sophisticated attacks becomes a reality and corporations put an end to the leaking of critical information.”