[ISN] Defense Contractors Don't Want to Say When They've Been Hacked

From: InfoSec News <alerts_at_private>
Date: Fri, 14 Dec 2012 03:47:13 -0600 (CST)
http://www.motherjones.com/politics/2012/12/defense-contractors-hacked

By Dana Liebelson
Mother Jones
Dec. 13, 2012

In 2009, it came to light that hackers had successfully broken into the 
most expensive Pentagon weapons program of all time, the F-35 fighter 
jet, by gaining access to computers allegedly belonging to the defense 
contractor BAE Systems (the contractor part came out later). There had 
"never been anything like it," one unnamed official told the Wall Street 
Journal. The intruders were later confirmed to be Chinese spies, and lo 
and behold, in 2012 China rolled out a stealth fighter that looked 
suspiciously like the F-35. Was it a coincidence?

It took several years for all of the details of the F-35 breach to be 
unearthed. (The first hack took place in 2007, wasn't publicly reported 
until 2009, and BAE Systems' alleged role didn't come out until 2012.) 
But a new amendment to the defense budget, introduced by Sen. Carl Levin 
(D-Mich.), would prevent contractors from not disclosing when they've 
been hacked. The amendment would require defense contractors to report 
to the Pentagon when spies and hackers successfully scale their 
firewalls. And the contractors don't appear to be happy about it.

Some of the contractors' grievances were aired in Politico on Monday. 
Trey Hodgkins, a senior vice president at TechAmerica, a trade 
association, said that contractors are already participating in a 
voluntary information-sharing program, and they "are likely to fight the 
change."

Mother Jones contacted four major defense contractors: KBR, Lockheed 
Martin, BAE Systems, and L-3 Communications. Only Jennifer Allen, a 
spokesperson for Lockheed Martin, responded—with a non-comment comment. 
"We are reviewing the cybersecurity amendment in the recently passed 
Senate version of the defense authorization bill, and will watch it 
closely," she said.

[...]


______________________________________________
Visit the InfoSec News Security Bookstore
Best Selling Security Books and More!
http://www.shopinfosecnews.org 
Received on Fri Dec 14 2012 - 01:47:13 PST

This archive was generated by hypermail 2.2.0 : Fri Dec 14 2012 - 01:48:22 PST