Today the Wall Street Journal confirmed concerns the Project On Government Oversight (POGO) exposed last year about security vulnerabilities due to poor oversight in the Department of Defense's Joint Strike Fighter (JSF) program. Six current and former officials familiar with the fighter program told the Journal that the $300 billion program has been repeatedly broken into by computer spies.
"This isn't just about the Joint Strike Fighter program, it is also about the utter failure of the oversight systems to stop this from happening," said POGO Executive Director Danielle Brian. "This could have been prevented. People inside the system were repeatedly trying to raise this concern. It wasn't until they went to the press that anyone did anything about it."
In May 2008, POGO obtained a Department of Defense (DoD) Inspector General (IG) report that revealed "the advanced aviation and weapons technology for the JSF program may have been compromised by unauthorized access at facilities and in computers at BAE Systems, and incomplete contractor oversight may have increased the risk of unintended or deliberate release of information to foreign competitors." The report, acquired through the Freedom of Information Act, examined the Defense Security Service's (DSS) lack of oversight of foreign-owned BAE Systems' work on the JSF and found that DSS was deferential to BAE by refusing the U.S. government access to information as required by a security agreement.
In October 2008, the DoD IG removed the report, determining they lacked "sufficient appropriate evidence" that advanced technology and classified information may have been compromised. The IG did not refute, however, the report's findings that BAE did not always cooperate with DSS.
Today's Journal report that "intruders were able to copy and siphon off several terabytes of data related to design and electronics systems… potentially making it easier to defend against the craft" suggests that there may be appropriate evidence that classified information was compromised. The Air Force has launched an investigation into the security breaches that allegedly occurred as far back as 2007 and into 2008.