Senate investigators released a newly declassified report Wednesday that declared China was responsible for at least 20 of some 50 successful hacks of Pentagon defense contractors since 2012.
Senate Armed Services Committee Chairman Carl Levin of Michigan and ranking Oklahoma Republican Jim Inhofe announced the results of the year-long investigation, which covered 50 infiltrations against unnamed companies with U.S. Transportation Command contracts, which among other things, are used to tap into private transportation networks to quickly execute troop and supply deployments.
“These peacetime intrusions into the networks of key defense contractors are more evidence of China’s aggressive actions in cyberspace,” Levin said Wednesday according to Reuters.
The report concludes that at least twenty of those “advanced persistent threat” attacks were too sophisticated to originate anywhere other than the Chinese government, and that hackers were able to swipe “emails, documents, user passwords and computer code.” An airline used by the U.S. military along with a commercial logistics route ship contracted by U.S. Transportation Command were also compromised.
Investigators also highlighted “troubling gaps in reporting requirements and information sharing both between TRANSCOM and its contractors and among federal agencies,” meaning defense contractors have, on numerous occasions, failed to be forthright about attacks launched against them. Such disclosures are required per their contracts with the federal government.
In response to the report’s findings, Inhofe called for the creation of a “central clearinghouse” for contractors to go through for timely reporting of suspicious cyber activity.