The U.S. Department of Defense in a new report covering espionage for 2009 said that attempts by foreign spies to obtain classified or restricted U.S. technology increased and that foreign governments are focusing their spying efforts on naval and marine technology that could provide the foundation for a next generation “blue water” navy.
The revelation comes in the 2010 edition of “Targeting U.S. Technologies: A Trend Analysis of Reporting from Defense Industry,” (PDF) an annual publication by the Defense Security Services (DSS), part of the U.S. Department of Defense. The report concludes that Internet based spying and targeted attacks from what the report refers to as “entities” from “East Asia and the Pacific region” continued to be a major problem for the U.S. military and military contractors.
Foreign governments and foreign owned commercial entities sought out restricted technologies through a variety of means. The Internet, the report concludes, continues to be the tool of choice, offering a “low cost, high gain” method to obtain sensitive or classified technology and information. Targeted “phishing” e-mail messages and attacks aimed at compromising networks were the cyber tools of choice.
However, foreign entities interested in acquiring classified or restricted technology didn’t limit themselves to remote, Internet based attacks. For the fourth year in a row, DSS reported an increase in inquiries about business partnerships and R&D agreements. While some of those may be due to increased commercial links between the U.S. and nations seeking classified technology, the DSS concluded that many of those inquiries were linked to efforts to obtain sensitive technology. In fact, commercial spying far outweighed more traditional types of government-to-government espionage when it came to the acquisition of sensitive technology, the DSS report concludes. Front companies, foreign visits and public venues where technology was on display all provided opportunities for nations to circumvent U.S. export control and collect information and technology inconspicuously, the report says.
“This represents, in part, an apparent shift on the part of foreign governments to mask officially-sponsored collection efforts as seemingly less alerting inquiries,” the report says.
Many of the conclusions for the latest report, which summarizes reports of suspicious activity collected during the 2009 fiscal year, echoes that of previous reports. Information systems technology was of particular interest, especially technology related to modeling and simulation software that can be used in military modernization programs.
However, the increased focus on the acquisition of what the report terms “marine sensors technology” was a new development in 2009 and a trend that likely continued in 2010, the report said. Marine sensors technology includes things like sonar buoys, bottom scanning sonar, autonomous underwater vehicles, deep see diving bells and sensors used by the U.S. Navy’s Littoral Combat Ship Program, a seven year-old program to build next generation navy combat ships designed for deployment close to shore. The report concludes that the marine sensor technology has both commercial and military applications that are of interest to foreign entities in East Asia and the Pacific, as well as the Near East and South and Central Asia that are interested in expanding the reach of their navies to be able to operate globally. Fully 60% of all suspicious incidents collected in 2009 related to marine sensors were linked to countries int eh East Asia and Pacific region.
“Collectors likely targeted emerging marine technology in efforts to transform their capabilities from brown-water to blue-water,” the report says. “Because the United States is a world leader in naval R&D and naval defense technologies, cleared contractor employees should be aware of this burgeoning threat,” the report concludes.
The U.S. Government and Department of Defense have become increasingly alarmed about cyber intrusions into classified intelligence networks. The leak of classified diplomatic cables to the Web site Wikileaks is one prominent example, but recent incidents like the 2008 USB-based malware infection that is believed to have compromised the military’s classified information network, SIPRnet, and the so-called “Aurora” attacks on high tech firms and defense contractors have prompted the government to reorganize its cyber operations into a unified Cyber Command, and look for new ways to spot compromises and the activities of malicious insiders.