Israel's Iron Dome missile tech stolen by Chinese hackers

Corporate raiders Comment Crew fingered for attacks

A Chinese hacking team previously accused of being behind raids against US defence contractors has been accused of a new data heist: plundering the tech behind Israel's Iron Dome missile defence system.

Beijing's infamous Comment Crew hacking group is thought to have executed the intrusions into the corporate networks of top Israeli defense technology companies linked to the Iron Dome, including Elisra Group, Israel Aerospace Industries and Rafael Advanced Defense Systems, between 10 October 2011 and 13 August 2012, according to Cyber Engineering Services (CyberESI).

The Iron Dome has stopped a barrage of rockets launched into Israel from Gaza and has been hailed the world's most effective missile shield. US investment in Iron Dome could soon top US$1 billion over five years.

In February 2013, Mandiant identified Comment Crew as People's Liberation Army Unit 61398. The United States Justice Department in May charged five members of the unit with various hacking and espionage offenses.

The explosive allegations were detailed by Krebs on Security and contained within a CyberESI report which the company said it was not yet prepared to release publicly.

Of the three targeted organisations, only Israel Aerospace Industries confirmed the breach, downplaying the attacks as "old news".

The information accessed included intellectual property on the Iron Dome Arrow 3 rockets built by Israel, the US, IAI and Boeing, including a 900-page document of detailed schematics and specifications, along with information on unmanned aerial vehicles and ballistic rockets.

Some 700 files were pillaged from IAI, amounting to 763MB, including Word documents and spreadsheets, PDFs, emails, and executable binaries, Krebs reported.

Comment Crew maintained hooks inside IAI for four months during the 2012 raid, pivoting laterally across the network to plunder more information. They stole administrator credentials, planted trojans and keyloggers, and dumped Active Directory data from at least two domains.

The hacker outfit broke into the network of IAI subsidiary Elisra in October 2011 and remained there for a year, during which they copied emails from top executives including the chief executive officer, chief technology officer and vice presidents.

Elisra had contracts to supply electronic warfare systems to Seoul for its fleet of Airbus CN-235 transports and other unnamed countries for land vehicles. It is not suggested files relating to these contracts were compromised.

CyberESI reported the attacks to the companies but did not receive a response, Krebs reported.

This story will be updated if and when The Register receives a copy of the CyberESI report. ®
