The Danish defence industry was the target of successful hacks by a foreign state, mostly likely China, DR reports.
The defence hack was targeted at the Danish contributions to the American F35 Joint Strike Fighter jet programme.
Between 2008 and 2012, an advanced cyber attack was carried out on the IT systems of at least five Danish defence companies, according to DR.
“We are talking about an attack that was advanced and targeted and which took place over a long period,” Thomas Sørensen, the head of the Center for Cyber Security, told DR.
Although the Center for Cyber Security would not go on record with which companies were targeted, DR’s sources say that among the hacked businesses was Denmark’s largest weapons company, Terma.
Terma, based in Aarhus, makes several integral parts for the F-35 jets, including electronics for its radar system, advanced panels for the jet’s body that make it undetectable to enemy radar and the holding chamber for the jets’ machine guns.
According to DR’s anonymous sources, it appears that the state-sponsored hack was specifically looking for information about the F-35s, which have been described as “the most affordable, lethal, supportable and survivable aircraft ever to be used by so many warfighters across the globe”.
“It is natural to assume that it was primarily the Danish suppliers to the F35 project that were primarily affected by this hacking campaign,” one source said.
Through a freedom of information request, DR obtained documents that showed that an advanced malware programme called PlugX was used in the hack. A private security firm told DR that the programme can be traced to a Chinese hacker known as ‘Whg001’, who reportedly has ties to the Chinese military.
Terma declined to comment about DR’s findings and the Chinese Embassy in Copenhagen has previously rejected the notion that China has spied on Danish interests, telling DR that “it is very hard to prove who is behind these attacks.”