The technology behind
Iron Dome, the missile defence system Israel has been using since
2011, was stolen by Chinese military hackers, it has been
alleged.
The claims were made by Cyber Engineering
Services to Brian Krebs of security news site Krebs On Security, and
identify Elisra Group, Israel Aerospace Industries (IAI) and Rafael
Advanced Defence Systems as the three defence companies that were
compromised during the cyber assault. The perpetrators, Cyber
Engineering Services says, are the same ones behind a spate of
attacks that have come to light in the past few years, all
attributed to Unit 61398, a Shanghai-based arm of the Chinese army.
The five Chinese military offers arrested by the US earlier this year for allegedly hacking
energy firms in the country, also belong to the same unit.
The hacks took place from October 2011, some six
months after Iron Dome became operational, and continued up until
August 2012. Israel Defence Forces (IDF) has said that many
hundreds of rockets fired from Gaza, particularly during the
current military operation and a series of clashes in 2012, have
been scuppered by the system, which is thought to be one of the
most effective missile-defence technologies in the world.
Many of the cyber breaches bear the hallmarks of
similar attacks on private corporations or media outlets that we have seen in the past. For instance, IAI
was scuppered by an email phishing attack, reports Krebs On
Security, after which the hackers spent four months installing
malicious software (including trojans and keyloggers) to expand
their reach. Several different systems were analysed by the hackers
as a result of the infiltration, amounting to at least 700 files of
762MB, in total. Cyber Engineering Services estimates that those
700 files, in the form of emails, PFDs, scripts, spreadsheets and
more, represent just a small amount of the total intellectual
property stolen by hackers.
Although Iron Dome data was targeted and breached,
the hackers also focused extensively on Arrow III missiles, drone
technology and ballistic rockets. Joseph Drissel, founder of
Cyber Engineering Services, told Krebs On Security that much of
this IP does not in fact belong to the Israeli companies. Rather,
the firms were obligated to protect it under US government
regulations, having been provided with the data from US defence
companies, including Boeing.
This could, potentially have something to do with why
the claims have not come to light until now. A representative from
IAI told Krebs On Security the report -- still not publicly
available -- was "old news" and all the relevant procedures
following the revelation were followed. Nevertheless, it's not
something a private company responsible for the defence of a
nation, either in the US or Israel, would likely want to admit
to.
It's not totally clear, however, how Cyber
Engineering Services came to point the finger of blame at the
Chinese military. Most of the hacks we know Unit 61398 perpetrated
have been against the US, but equally they have been directed
against private companies, often related to national infrastructure
or big industry. The arrests made by the US earlier this year were
off the back of a report published by Mandiant, which revealed the
secretive unit had been within company networks for years sometimes
-- in one case, four years and ten months.
Iron Dome has a reputation as one of the leading
pieces of defence kit in the world, with a number of other
countries thought to have either acquired it or engaged in talks
with Israel to do so. Further development by Rafael Advanced Defense Systems has led to a
teaser for a followup system, Iron Beam. While Iron Dome will only
shoot down rockets heading for populated areas (using algorithms to
instantly identify these) to conserve on ammunition, Iron Beam would use a high-energy laser that could stand to
respond more indiscriminately, using a thermal radar to track and
map all projectiles in range.
0 comments:
Post a Comment