
Chinese hackers target at least 27 universities in US, Canada, Asia to steal maritime technology

An Autonomous Surface Vehicle from University of Hawaii at Manoa displays that Aloha spirit during the Office of Naval Research (ONR)-funded biennial Maritime RobotX Challenge in Honolulu, Hawaii. (John F. Williams/U.S. Navy)
March 05, 2019

Chinese hackers have attacked at least two dozen U.S. and global universities in an effort to steal military maritime technology secrets.

Major universities in Hawaii, Washington, and Massachusetts are just a few of the targets identified in a hacking campaign that dates back to April 2017, according to iDefense research obtained by The Wall Street Journal on Tuesday.

iDefense, the cybersecurity research group of Accenture Security, is slated to publish a research report this week that details the growing Chinese cyberattacks on sensitive military and economic intelligence.

The researchers found that the universities targeted in the hack housed a naval technology department or employed staff with expertise in that area. The universities also maintained connections to an oceanographic organization in Massachusetts that may also have been targeted by the hackers.


Some of the targeted universities had contracts with the U.S. Navy. Other targets like South Korea’s Sahmyook University were hit for their presumed intelligence relating to the South China Sea.

The report names The University of Hawaii, the University of Washington and Massachusetts Institute of Technology among the targeted universities, but does not include names of other prominent U.S. schools. Sources claiming to be related to the research told the WSJ that Penn State and Duke University were other targets.

The university networks were breached with phishing emails that hackers designed to look like real messages from other universities. The emails were secretly packed with spyware instead.

“Universities are pretty willing to share information in pursuit of academic information,” said Howard Marshall, who leads iDefense threat intelligence operations. “But as a lot of our adversaries have discovered, that is a sweet spot for them to operate.”

Marshall said China’s hacking efforts are intended to acquire research that would both rival the weapons capabilities of the U.S. and reveal the Pentagon’s strategic plans.

“To have knowledge of where our military capabilities are going is of extreme importance to them,” he said.

The plot has fooled many universities, but uncovering which ones were targeted has not been an easy task.


iDefense discovered the breached universities when it identified the university networks communicating with Chinese servers associated with prominent Chinese hackers.

Researchers have previously given the Chinese hackers several names, including Temp.Periscope, Leviathan, or Mudcarp. They are the same hackers responsible for stealing U.S. Navy submarine plans, along with some of the highest Navy technology and classified secrets.

iDefense’s findings were similar to earlier research conducted by cybersecurity group FireEye.

“They are a full-fledged operation,” said Ben Read, senior manager for cyber espionage analysis at FireEye. “And they are not going anywhere.”

Upon discovery of a cyberattack, universities routinely notify partners and government agencies about the attack, but it’s not clear what response takes place afterward.