The U.S. Defense Department is investigating intrusions by Chinese cyber-spies into the computer systems of defense contractor QinetiQ North America, the Pentagon said.
For three years, hackers linked to China’s military infiltrated QinetiQ’s computers and compromised most if not all of the company’s research, which includes work on secret satellites, drones and software used by U.S. special forces in Afghanistan and the Middle East, Bloomberg News reported May 2.
“We are working very closely with QinetiQ to determine exactly the scope and breadth of this incident,” Pentagon spokesman Army Colonel Steve Warren told reporters on May 3.
Warren wouldn’t say whether national security had been compromised. “That’s an assessment we are not prepared to announce yet,” he said. “We are looking closely at a number of different levels to determine exactly what happened and when.”
Jennifer Pickett, a spokeswoman for McLean, Virginia-based QinetiQ North America, didn’t immediately respond to e-mail and phone messages seeking comment about the Pentagon’s probe. Pickett declined to comment on Bloomberg’s May 2 story, citing a company policy to not discuss security measures.
QinetiQ is only one target in a broader online campaign. Beginning at least as early as 2007, Chinese computer spies raided the data of almost every major U.S. defense contractor and made off with some of the country’s most closely guarded technological secrets, according to two former Pentagon officials who asked not to be named because damage assessments of the incidents remain classified.
Chinese cyber-spying appears even broader. The Pentagon released a report yesterday accusing China’s military of targeting U.S. government computers to bolster its defense and technology industries and to support military planning.
“China is using its computer network exploitation capability to support intelligence collection against the U.S. diplomatic, economic, and defense industrial base sectors that support U.S. national defense programs,” the report said.
In the QinetiQ case, investigators eventually identified the Shanghai-based hackers that broke into QinetiQ as a crack team, nicknamed the Comment Crew by security experts. That team has also hit major corporations and political figures. At least one other Chinese hacking team also may have been involved, according to a person familiar with the investigation.
In a Feb. 18 report, Mandiant, an Alexandria, Virginia-based security firm, attributed 141 major cyber-attacks to the Comment Crew without naming the targets. Mandiant identified the Comment Crew as the People’s Liberation Army Unit 61398, which is similar in some respects to the U.S. National Security Agency. Mandiant’s report prompted Tom Donilon, President Obama’s national security adviser, to call on China to stop the hacking of U.S. companies.
The spying operation on QinetiQ jeopardized the company’s sensitive technology involving drones, satellites, the U.S. Army’s combat helicopter fleet and military robotics, according to internal investigations.
“Cyber-activities are becoming increasingly something that we need to worry about,” said the Pentagon’s Warren, who declined to elaborate further on the investigation into QinetiQ.
Federal agencies have known for years that QinetiQ was losing confidential data. In December 2007, the Naval Criminal Investigative Service informed QinetiQ that employees in McLean were losing confidential data from their computers. In September 2010, the FBI called QinetiQ with evidence that its information was being stolen.
NCIS and FBI representatives have declined to comment on QinetiQ.
The QinetiQ intrusions haven’t affected the company’s ability to win government contracts or provide cyber-security to federal agencies.
In May 2012, QinetiQ received a $4.7 million cyber-security contract from the U.S. Transportation Department, which includes protection of the country’s critical transport infrastructure.