The Iron Dome defence system fires to intercept incoming missiles from Gaza in the port town of Ashdod in Israel
The Iron Dome defence system fires to intercept incoming missiles from Gaza in the port town of Ashdod in Israel

Schematics from Israel's Iron Dome missile shield 'hacked' by Chinese, says report

Schematics and technical documents from three Israeli defence contractors were reportedly stolen between 2011 and 2012 by state-sponsored hackers

James Vincent
Wednesday 30 July 2014 08:43
Comments

Chinese military hackers have reportedly stolen “huge quantities of sensitive data” regarding Iron Dome, Israel’s US-funded, billion-dollar missile shield.

Documents from three Israeli defence contractors were reportedly stolen in a series of attacks between 2011 and 2012 by a group known as the “Comment Crew”, a hacker organization funded by the Chinese People’s Liberation Army (PLA).

Accusations of the attacks were made by cybersecurity group Cyber Engineering Services (CyberESI) on the blog of independent security analyst Brian Krebs.

According to the report, Israeli contractors Israel Aerospace Industries (IAI), Rafael Advanced Defence Systems, and the Elisra Group were all targeted, with the stolen data including technical documents covering everything from ballistic rockets to drones.

Joseph Drissel of CyberESI said that the nature of the attacks suggested the hackers were looking for information about Iron Dome, the missile intercept system that is widely credited with the low number of Israeli citizen casualties in the ongoing Gaza conflict.

The hackers also stole a 900-page document providing detailed schematics of the Arrow III missile, a technology that Cyber ESI founder Joseph Drissel said “wasn’t designed by Israel, but by Boeing and other US defence contractors.”

Iron Dome: Israel's defence program is credited with the low citizen casualties in the country.

Read more: 'We ignore this new anti-Semitism at our peril'
Heaviest night of strikes hits sole power plant
Baby born by caesarean after mother is killed in air strike

“We transferred this technology to them, and they coughed it all up. In the process, they essentially gave up a bunch of stuff that’s probably being used in our systems as well,” Drissel told Krebs.

This American connection might suggest why the hacks have not been reported by Israeli contractors. Two of those companies contacted by Krebs did not reply while a third, IAI, said that the information was “old news”.

“At the time, the issue was treated as required by the applicable rules and procedures,” IAI’s Eliana Fishler told Krebs. “The information was reported to the appropriate authorities. IAI undertook corrective actions in order to prevent such incidents in the future.”

When pressed however, IAI were not able to provide links to any media coverage of the hacks.

The group that CyberESI blame for the attacks, Comment Crew, were identified by security firm Mandiant as Unit 61398 of the PLA in February 2013. This report led to the arrest in May of five members of the group by the United States Department of Justice for attacks against private firms.

However, CyberESI have not published any direct evidence of the Chinese military’s involvement other commenting that the attack “bore all the hallmarks” of the Comment Crew.

The attacks included installing various tools and Trojan horse programs on the internal systems of the Israeli contractors, with the hackers reportedly gaining access to the email accounts of top executives.

Speaking to Business Insider, research scientist Jon Lindsay of the University of California's Global Institute on Conflict and Cooperation said the hacks might suggest the Chinese were interested in developing their own missile shields, a notoriously difficult technology to create, but that they might also have been more speculative.

"The Chinese style of espionage is more like a vacuum cleaner than a closely-directed telescope," Lindsay said. "They go after a lot of different kinds of targets — the leaders in any particular industry."

Register for free to continue reading

Registration is a free and easy way to support our truly independent journalism

By registering, you will also enjoy limited access to Premium articles, exclusive newsletters, commenting, and virtual events with our leading journalists

Please enter a valid email
Please enter a valid email
Must be at least 6 characters, include an upper and lower case character and a number
Must be at least 6 characters, include an upper and lower case character and a number
Must be at least 6 characters, include an upper and lower case character and a number
Please enter your first name
Special characters aren’t allowed
Please enter a name between 1 and 40 characters
Please enter your last name
Special characters aren’t allowed
Please enter a name between 1 and 40 characters
You must be over 18 years old to register
You must be over 18 years old to register
Opt-out-policy
You can opt-out at any time by signing in to your account to manage your preferences. Each email has a link to unsubscribe.

Already have an account? sign in

By clicking ‘Register’ you confirm that your data has been entered correctly and you have read and agree to our Terms of use, Cookie policy and Privacy notice.

This site is protected by reCAPTCHA and the Google Privacy policy and Terms of service apply.

Join our new commenting forum

Join thought-provoking conversations, follow other Independent readers and see their replies

Comments

Thank you for registering

Please refresh the page or navigate to another page on the site to be automatically logged in