Hackers Turned Defense Contractor QinetiQ Into Intelligence Playground
For three years, digital thieves linked to China stole intellectual property and defense information from the U.K.-based firm.For more than three years, hackers linked to China thoroughly compromised U.K.-based QinetiQ, a firm that bills itself as "a world leading defense technology and security company," to steal intellectual property and sensitive defense information, according to reports of the incident. The long-running breach resulted in numerous visits from federal investigators from December 2007 until late 2010, according to Bloomberg News, which first reported the massive compromise. The incident, spelled out in emails leaked from security firm HBGary in 2011, resulted in large swaths of data on sensitive technologies--such as drones and military helicopters—getting transmitted overseas. "The scary part of this particular type of intrusion is you are no longer talking about business interests and intellectual property, but about national security, and that raises the stakes quite a bit," said Alex Cox, principal research analyst for RSA's FirstWatch incident response group. The report is the latest evidence linking compromises at defense and critical-infrastructure companies to a Chinese group known as the "Comment Crew." In February, incident response firm Mandiant released a report identifying the group as the source of more than 140 incidents of espionage investigated by the firm since 2006. The group is a part of the People's Liberation Army known as Unit 61398, Mandiant said.
It's one of several espionage groups backed by nation-states known within defense and security circles as specialists in advanced persistent threats (APTs). In January, The New York Times and the Wall Street Journal revealed that hackers thought to be from China had compromised their networks.