Hackers associated with the Chinese government have repeatedly infiltrated the computer systems of US airlines, technology companies and other contractors involved in the movement of US troops and military equipment, a US Senate panel has found.
The Senate Armed Services Committee's year-long probe, concluded in March but made public yesterday, found the military's US Transportation Command, or Transcom, was aware of only two out of at least 20 such cyber intrusions within a single year.
The investigation also found gaps in reporting requirements and a lack of information sharing among US government entities. That in turn left the US military largely unaware of computer compromises of its contractors.
"These peacetime intrusions into the networks of key defense contractors are more evidence of China's aggressive actions in cyberspace," Democratic Senator Carl Levin of Michigan, the committee's chairman, said in releasing the report.
Officials with the Chinese embassy in Washington did not immediately comment.
Cybersecurity expert Dmitri Alperovitch, chief technology officer with security firm Crowdstrike, said China had for years shown a keen interest in the logistical patterns of the US military.
The investigation focused on the US military's ability to seamlessly tap civilian air, shipping and other transportation assets for tasks including troop deployments and the timely arrival of supplies from food to ammunition to fuel.
Those companies typically do not have the level of defense against hackers as major weapons makers or the military itself.
"The military uses secret or top secret networks that are not on the internet, but private companies do not," Alperovitch said. "That's a real challenge."
In a 12-month period beginning June 1 2012, there were about 50 intrusions or other cyber events into the computer networks of Transcom contractors, the 52-page report stated.
At least 20 of those were successful intrusions attributed to an advanced persistent threat. All of those intrusions were attributed to China.
Senator Jim Inhofe of Oklahoma called for a "central clearinghouse" that makes it easy for contractors to report suspicious cyber activity.
"We must ensure that cyber intrusions cannot disrupt our mission readiness," Inhofe said.
The investigation found that a "Chinese military intrusion" into a Transcom contractor between 2008 and 2010 "compromised emails, documents, user passwords and computer code." In 2012, another intrusion was made into multiple systems of a commercial ship contracted by Transcom, the report said.
The Senate probe could further increase tensions between the two world powers over cyber spying.
In May US authorities charged five Chinese military officers, accusing them of hacking into American nuclear, metal and solar companies to steal trade secrets.
Last month, Community Health Systems, one of the largest US hospital groups, said Chinese hackers had stolen social security numbers and other personal data from some 4.5 million patients.