Ares

A Defense Technology Blog
See All Posts
  • F35 H4X0R3D ZOMG!
    Posted by Bill Sweetman 5:55 PM on Apr 21, 2009

    The Wall Street Journal reports today that part of the F-35 Joint Strike Fighter program's computer network has been penetrated and compromised, most likely by China-based intelligence operatives.

    Key points from the story:  the intruders accessed terabytes of data;  they used tools that made it impossible to determine exactly what they compromised;  repeated break-ins have been detected from 2007 and 2008. Also, at least two break-ins were detected in partner nations, one of those being Turkey. 

    Also, the WSJ reporters were told that the hackers "weren't able to access the most sensitive material, which is stored on computers not connected to the Internet."

    However, before breathing a sigh of relief and continuing to the next subject, it might be worthwhile to think about how intelligence actually works.

    What the hackers now have in their files is very valuable. Unless this is a huge deception exercise run by the US (including false leaks to the WSJ) they have a pile of material that they know is genuine, and they know that we don't know what they've got. This can be used in at least two ways.

    In a classic "mosaic" intelligence technique, it allows fragmentary, more sensitive intelligence that might be gathered in the future to be placed in its proper context and evaluated with greater confidence. For instance, if they now know where the Have Ruby system plugs in, they'll be much better placed if they later find out that it works in X-band. 

    Even more valuable, such a large data haul gives the hackers a way to validate any future information that comes their way - through attacks on the expanding JSF data system or otherwise - and discriminate between genuine intelligence, private-enterprise fakes or deliberate plants.

    A big "Way to go there, Sparky" goes out to JSF program security.  

    Tags: ar99, JSF, cyberwarfare

Share:
  • Recommend
  • Report Abuse

Comments on Blog Post