Report: Defense contractors battle 'relentless' online assaults

Foreign nations are increasingly exploiting the Internet, including social network sites, to conduct industrial espionage against Defense Department contractors, according to a recently released government report.

"United States defense-related technologies and information are under attack each day, every hour and from multiple sources," the Defense Security Service, which oversees security at 13,000 contractor facilities, said in the report. "The attack is pervasive, relentless and unfortunately, at times, successful."

Contractors are required to detail suspicious contacts with foreign nations or commercial organizations to the Defense Security Service, according to the report, which is the second document on industrial espionage that top Pentagon officials called for in July 2008. The report covers 2008, was written in 2009. It was released on March 30.

Direct requests for information sent via e-mail were the most prevalent type of attempt to obtain information on U.S. defense systems, followed closely by what the Defense Security Service called "suspicious Internet activity," which included intrusions into unclassified contractor networks.

The attacks came from nations considered unfriendly and friendly. Countries in East Asia and the Pacific -- including China, the two Koreas and Vietnam -- dominated Internet attempts to collect U.S. defense information, the report noted. E-mail messages requesting price quotes and system information were the preferred method to attempt to steal information on U.S. technologies. Users also sent multiple e-mail requests for the same information to different individuals working for the same contractor.

The report warned that the abundance of personnel information on contractor Web sites and the growing use of social network sites "give a likely targeting advantage to East Asia and Pacific cyberactors exploiting the Internet."

Hackers from East Asia and the Pacific region focused their attention on information systems, accounting for 29 percent of suspicious contact reports turned in to the Defense Security Service, according to the report. More than a third of the attacks (36 percent) coming from European countries, including Russia and NATO allies such as France, Germany and the United Kingdom, tried to obtain information on aeronautical systems and 12 percent targeted data on information technology.

Attempts to obtain information on unmanned aerial vehicles, which the military has used successfully in Iraq and Afghanistan, have increased to an extent that the report devoted a special section on foreign probes to gain information on these programs.

The U.S. industrial sector is at risk of intensive foreign-originated efforts to acquire UAV-related technologies or information at contractor facilities, the report concluded.

NATO allies as well as current or potential allies have tried a variety of Internet probes to obtain information on UAV technology, including inquiries to buy entire systems or suspicious requests asking to team with a contractor or to create a joint venture.

Gene Robinson, president of RP Flight Systems in Austin, Texas, which builds UAVs for civilian public safety agencies, said his company experiences Internet probes on a daily basis from everywhere in the world. During the weekend of April 4-5, the company logged attacks from Syria, Turkey and Iran, and on Monday flagged probes from Australia, Brazil, Belgium, France, Greece and the Netherlands, he said.

Countries seeking UAV information monitor social network sites such as YouTube, which Robinson said has numerous UAV videos. They also log on to the professional social networking site LinkedIn, which large U.S. defense corporations use to glean personal information on top Defense contractor personnel to create e-mail phishing attacks aimed at those executives, Robinson noted.

A.R. "Trey" Hodgkins III, vice president for the national security and procurement policy for the industry group TechAmerica, said LinkedIn poses a potential security problem because it provides detailed personal information that can make the recipient of a phishing e-mail think it is from a legitimate company. He said the amount of information available on a social network site comes down to individual responsibility.

"As our means of communications evolve, I think we should expect such efforts at espionage to evolve," Hodgkins said. "One of the persistent weak links in network security is the people that use those networks, so there will always be those trying to take advantage of that weak link."

Charles "Jack" Holt, senior strategist for emerging media in the Pentagon, said Defense, which issued a policy on the use of social media in March, wants to use social media, but that requires the department to train troops, employees and contractors to understand the threats it poses.

Holt added reports such as the one from the Defense Security Service "help us to understand the environment in which we now work and live and it is our responsibility to help our people understand their roles and their responsibilities."

A spokesman said Facebook provide privacy settings to block access to personal information and emphasized users should follow their employers' social networking guidelines. "As we advise all Facebook users, Department of Defense personnel should be aware of the information they post and how to control who sees that information," he said. "Like any nonsecure communications channel, sensitive or classified information should never be posted on Facebook and information that is made available should be in compliance with employer guidelines."