Title: Chinese Exfiltrate Sensitive Military Technology

Release Date: 2015-01-17

Description: These three undated NSA slides describe alleged Chinese cyberattacks against US military targets, codenamed BYZANTINE HADES: see the Der Spiegel article The Digital Arms Race: NSA Preps America for Future Battle, 17 January 2015.

Document: (U) Acquired radar design

- (U) Numbers and types of
modules

(U) Detailed engine
schematics

(U) Methods for cooling gases

(U) Leading and trailing edge
treatments

(U) Aft deck heating contour
maps

1 am/ tprp>hvtes of data

Him

race

ft* CMS

Bat

®s-w»ir sis?u

(S//REL) Chinese
Technoloav

TOP SECRET//COMINT//REL USA, FVEY

7

TOP SECRET//COM INT//REL USA, FVEY

(S//REL) BYZANTINE HADES Causes Serious Damage to DoD Int

(S//REL) (S//REL) Resources Expended Towards * At least +30,000 lncidents/ + 500 Significant Intrusions in DoD Systems * At least +1600 Network Computers Penetrated * At least 600,00 User Accounts Compromised * +$100 Million to Assess Damage, Rebuild Networks
Response to Attacks (S//REL) Personnel, Network, Logistics Data, Compromises • USPACOM: Air Refueling Schedules (CORONET) USTRANSCOM: Single Mobility System (SMS) • U.S. Air Force: 33,000 General/Field Grade Officer Records • Navy: Over 300,00 User ID/Passwords Compromised • Navy: Missile Navigation and Tracking Systems • Navy: Nuclear Submarine/Anti-Air Missile Designs
(S//REL) Science & Technology Export Controlled • International Traffic and Arms Restrictions (ITAR) Data • Contractor Research & Development • Defense Industrial Espionage - B2, F-22, F-3 5, Space-Based Laser, Others (S//REL)

Data

i

/REL) Estimated Equivalent of Five Libraries of Cong

(50 Terabytes)

TOP SECRET//COMINT//REL USA, FVEY

8

U) Cyber AttaekE
Adversary Malware
Design Process

SIGINT-Enabied Countermeasure intn.Jo
Mitigates Adversary Intrusion 'tdvers

DEPLOY
PLAN
r \r V'
• < • *
timeline 1

ATTACK

Adversary Malware
Depioyment/Attack Process

Tailored Countermeasure
Developed & Deployed

SIGINT Discovers
Adversary Intentions

Countermeasure Development

(S//REL) How do we use SIGINT to discover Malware during the

design process?

(S//REL)

TOP SECRET//COMINT//REL USA, FVEY

e-Highlighter

Click to send permalink to address bar, or right-click to copy permalink.

Un-highlight all Un-highlight selectionu Highlight selectionh