Tuesday's must reads

A number of stories over the weekend.

The big one is from the Financial Times this morning:

Chinese military hacked into Pentagon [FT, 9.3.2007]

The Chinese military hacked into a Pentagon computer network in June in the most successful cyber attack on the US defence department, say American officials.

The Pentagon acknowledged shutting down part of a computer system serving the office of Robert Gates, defence secretary, but declined to say who it believed was behind the attack.

Current and former officials have told the Financial Times an internal investigation has revealed that the incursion came from the People's Liberation Army.

One senior U.S. official said the Defense Department had pinpointed the exact origins of the attack. Another person familiar with the event said there was a "very high level of confidence...trending towards total certainty" that the PLA was responsible. The defence ministry in Beijing declined to comment on Monday.

Beware: enemy attacks in cyberspace

Lieutenant General Robert Elder, senior Air Force officer for cyberspace issues, recently joked that North Korea "must only have one laptop" to make the more serious point that every potential adversary -– except Pyongyang -– routinely scans U.S. computer networks.

North Korea may be impotent in cyberspace, but its neighbour is not. The Chinese military sent a shiver down the Pentagon's spine in June by successfully hacking into an unclassified network used by the top policy advisers to Robert Gates, the defense secretary.

While the People's Liberation Army has been probing Pentagon networks hundreds of times a day for the past few years, the U.S. is more alarmed at the growing frequency and sophistication of the attacks.

The Pentagon spent several months deflecting the recent onslaught before the PLA penetrated its system, which was shut down for more than a week for diagnosis.

Mid-Tier Contractors Getting Left Out [WP, 9.3.2007]

As Federal Contracts Grow, Medium-Size Firms Can't Keep Up

For many years, the middle tier of companies in the $200 billion federal services industry was regarded as a source of innovation and productivity. They grew into companies that today are big names in the contracting space -- SRA, Alion, CACI and Mantech.

The Los Angeles Times leads with documents that show senior managers at KBR went ahead with a supply operation in the spring of 2004 despite repeated warning that the route was not safe. The paper got a hold of a bunch of internal KBR documents that show there were disagreements among staff members but ultimately a convoy was sent out to the middle of a firefight and six civilian drivers, along with two U.S. soldiers, ended up dead...

KBR warned the LAT several times against publishing its story on the supply convoy, and it's clear why the company wouldn't want the information getting out. It's a detailed and compelling story that shows an Army dependent on a private contractor to get critical supplies through volatile territory and a company that ultimately chose to send civilian employees through a dangerous area to fulfill a multibillion-dollar contract. "Can anyone explain why we put civilians in the middle of known ambush sites?" asked one security adviser in an e-mail after the six drivers were killed. "Maybe we should put body bags on the packing list for our drivers." In the end, only six of the 19 KBR trucks that were sent to the airport on that fateful day reached their destination.