S. Rept. 113-258: Inquiry into Cyber Intrusions Affecting U.S. Transportation Command Contractors, Report of the Committee on Armed Services, United States Senate, September 18, 2014 [open pdf - 3MB]
This report, "Inquiry Into Cyber Intrusions Affecting U.S. Transportation Command Contractors" was presented to the 113th Congress by the U.S. Senate Committee on Armed Services. From the Executive Summary: "In April 2013, the Senate Armed Services Committee initiated an inquiry into how much information was known to the U.S. Transportation Command (TRANSCOM) about successful cyber intrusions affecting command contractors. The committee focused on TRANSCOM because of the central role that the command plays in mobilization, deployment, and sustainment operations and the critical capabilities that private companies contribute to TRANSCOM's ability to meet military requirements in contingcies. Over the course of the inquiry, the committee reviewed information provided by TRANSCOM, 11 command contractors, the Federal Bureau of Investigation (FBI), the Defense Security Service (DSS), the Defense Cyber Crime Center (DC3), and the U.S. Air Force Office of Special Investigations (AFOSI). The committee also reviewed TRANSCOM's cyber incident reporting requirement, cyber intrusion reporting provisions included in the Fiscal Year 2013 National Defense Authorization Act (NDAA), and a number of executive branch guidelines, directives, and agreements to assess their effectiveness in promoting information sharing. The committee's inquiry identified approximately 50 successful intrusions or other cyber events targeting TRANSCOM contractors between June1, 2012 and May 30, 2013. Of those 50, at least 20 were successful intrusions into contractor networks attributed to an 'advanced persistent threat' (APT), a term used to distinguish sophisticated cyber threats that are frequently associated with foreign governments. Of those APT-linked intrustions, TRANSCOM was made aware of only two, a troubling finding given the potential impact of cyber intrustions on defense information and operations."
S. Rept. 113-258; Senate Report 113-258
U.S. Government Printing Office: http://www.gpo.gov/