China’s suspected theft of F-35 technical data took center stage in a Senate Armed Services Committee hearing Tuesday morning when senators pressed Director of National Intelligence James Clapper and Deputy Defense Secretary Bob Work on how the United States should respond to nation-states who steal U.S. military technology.
Although the software and weapons payload for China’s J-31 fighter may be different than that of the F-35 made by Lockheed Martin [LMT], there’s no denying that the Chinese plane “mirrors” the Joint Strike Fighter, said Sen. Joe Manchin (D-W.Va.) “Why wouldn’t we take hard actions against them? I just don’t understand why we wouldn’t retaliate from a financial standpoint.”
Clapper noted that the act of stealing state secrets though cyber espionage is also practiced by the United States against China and other nations.
“So when we talk about what we’re going to do to counter espionage or retaliate for espionage, I think it’s at a good idea to at least think…about [how] people in glass houses shouldn’t throw rocks,” he said.
“So it’s okay for them to steal our secrets?” asked Senate Armed Services Committee Chairman John McCain (R-Ariz.)
“I did not say it was a good thing,” Clapper responded. “ I’m just saying that both nations engage in this.”
The Defense Department knows that China has stolen information from U.S. defense contractors, and military and intelligence agencies have a variety of “cost imposition options” at hand to deter hackers, Work said.
“It’s not necessarily tit for tat,” he said. “It is proportional response.”
The recently agreed upon cybersecurity deal between the United States and China should be seen as a confidence-building measure where the latter nation can improve its relationship with the United States by cracking down on cyber theft, Work said.
However, Clapper said he was not optimistic that the deal would have an effect on China’s actions.
During the hearing, officials said they continued to have concerns about defense companies’ ability to deter cyber attacks as well as existing cyber vulnerabilities in weapon systems.
“It is a big, big problem,” Work said. “Many of the weapon systems that we have now we’re not built to withstand a concerted cyber threat.”
Pentagon acquisition chief Frank Kendall is combing through the department’s existing weapons systems to prioritize which ones need immediate modification to allow them to weather a cyber attack. He is also defining key performance parameters so that new weapon systems are designed to be secure from the earliest stages of development, Work said.
Adm. Michael Rogers, head of the U.S. Cyber Command and National Security Agency director, acknowledged that defense contractors continue to be vulnerable to cyber attack. The Defense Department has made changes to policy that require companies to meet new cybesecurity requirements and inform the department of any network intrusions.
However, “we’re clearly not where we need to be,” he said.