Foreign groups target defense tech
- By Josh Rogin
- Jan 04, 2007
Government-affiliated institutions in foreign countries are targeting the U.S. defense industry in order to steal sensitive technology at record levels, according to a Defense Department report.
Internet-based attempts to acquire classified intelligence and information from cleared contractors also rose sharply in 2005.
Direct foreign government targeting of the U.S. contracting sector rose slightly compared to 2004. But attempts nearly doubled originating from government-affiliated entities, such as research institutes, laboratories, government-funded universities and companies with strong ties to foreign governments.
The revelations came in the unclassified version of an annual report issued recently by the Defense Security Service’s counterterrorism office. The report was titled “Technology Collection Trends in the U.S. Defense Industry.”
Globalization of the defense industry and increasing cooperation with foreign firms and organizations are exacerbating the security challenge, the report stated.
“Foreign entities will likely use ostensibly legitimate business to target and exploit U.S. firms that develop sensitive technologies,” the report states. “Many countries already deem it in to be in their national interest to acquire any and all U.S. military and dual-use technology.”
Foreign entities used a combination of high-tech and traditional methods last year to gather intelligence from employees of defense contractors. In one example, a female operative seduced a contractor into giving her his computer password. His system was later found to have several foreign intelligence service viruses.
At least three times last year, contractors traveling in Canada were slipped Canadian coins that contained radio frequency transmitters, according to the report.
Overall, 971 suspicious contact reports were received from cleared defense contractors in 2005, a 43 percent increase over the previous year. A total of 342 cleared contractors, or 3 percent of the cleared industry, reported suspicious foreign contacts.
The cleared defense industry is a prime target because they produce advanced dual-use technologies, according to the report. “The U.S. defense industry is the most important player when it comes to safeguarding information critical to our national security,” it states.
Information systems technology was the favorite target, garnering 22 percent of theft attempts. Modeling and simulation technology has been increasingly targeted by foreign entities, according to the report. Some other highly sought-after technologies include lasers and optics, aeronautics, and sensors.
Information systems are targeted because they enhance command, control, communications and intelligence, according to the report. Modeling and simulation technology is crucial to weapons developments as countries try to bridge the technology gap created by U.S. advances.
Internet hacking attempts and network intrusions also increased in 2005. More countries are developing network information gathering capabilities, raising the risks to such information.
“The potential gain from even one successful computer intrusion makes it an attractive, relatively low-cost option for any country seeking access to sensitive information store on U.S. networks,” the document states.
Countries use various methods to acquire classified information from contractors. Requests for information, acquisition of controlled technology, and solicitation of marketing services are the most popular techniques, according to the report.
Suspicious contacts came from 106 countries with 31 percent of attempts coming from East Asia. DSS declined to identify which East Asian countries most attacks originated from. But several recent network intrusions across the federal government have been linked to Chinese servers.
In November, a major cyberattack at the Naval War College in Newport, R.I., forced the institution to shut down all e-mail and computer systems for several weeks. An NWC professor told his class that Chinese hackers had “taken down” the entire network, according to media reports.
In August, the Commerce Department’s Bureau of Industry and Security was forced to replace hundreds of computers after a network intrusion that was admitted to have originated from Chinese servers. BIS determines export policies for sensitive technologies to countries such as China.
Twenty-three percent of collection efforts came from the Near East, which includes the Middle East and Northern Africa. Eurasia -- including Russia -- and South Asia were responsible for 19 percent and 13 percent of collection attempts, respectively.