The Defense Science Board detailed other weapon systems cyber spies have stolen designs and data on span the F/A-18 fighter jet; the V-22 vertical take-off and landing aircraft; the Navy’s Littoral Combat Ship and the Black Hawk helicopter, The Washington Post has reported.
“Cyber attacks have become the preferred method of conducting espionage, because virtually every U.S. secret is on a network somewhere.,” said Loren B. Thompson, senior defense analyst and a defense industry consultant with the Virginia-headquartered Lexington Institute. “If enemies can gain access to those networks, they can avoid the difficulty of planting agents in organizations — a drawn out and dangerous process.
“The U.S. intelligence community suspects plans for America’s most advanced weapons have been stolen by foreign hackers, enabling adversaries to save billions of dollars on their own military research,” he added.
RELATED: Special report on war on cyber terror
In an untold number of cases, cyber spies targeted defense contractors in the supply chain viewed as an easier target with weaker defenses than the military or prime contractors may have in place.
“This is one of those problems that is so significant we are going to need more than mandates,” said Deborah Gross, Dayton Area Defense Contractors Association executive director. “We are going to need to work together.
“This is a huge problem, it’s a serious problem and I think the other thing people need to understand is when you look at the broad heart of cyber security … it’s virtually impossible to protect everything,” she said.
Defense contractors are under congressional directive to put in place bolstered cyber-security measures by Dec. 31, a deadline extended by two years.
Contractors must safeguard unclassified data and report to the Defense Department cyber incidents “that result in an actual of potentially adverse effect” on the company or Defense Department information.
It was not clear how many incidents have been reported.
The Pentagon counts about 60,000 contractors it does business with, and 42,000 have contractual requirements to protect information in cyberspace, officials have said.
Defense contractors are not alone in their vulnerability or in the scope of massive attacks that have affected tens of millions of Americans.
James Scott, co-founder and senior fellow at the Institute for Critical Infrastructure Technology in Washington, D.C., said critical infrastructure, the energy, financial and health sectors are “pretty vulnerable.”
“The health sector is absolutely first and foremost the most vulnerable and secondly the most perpetually attacked and third the most successfully attacked on a regular basis,” he said.
RELATED: Need a job? U.S. military looking for cyber warriors