Top Stories

Chinese hackers target universities for maritime research secrets

FORUM Staff

Chinese hackers are targeting universities worldwide to steal maritime research with military applications, cyber security experts said in a recent report.

A March 2019 report by iDefense, a cyber security intelligence unit of Accenture Security, said Beijing hackers targeted universities doing maritime research in Canada, the United States and Southeast Asia. Findings from the firm reviewed by The Wall Street Journal newspaper suggest that a hacking group known as Mudcarp targeted 27 universities, including Sahmyook University in South Korea, the University of Hawaii, the University of Washington and the Massachusetts Institute of Technology, pictured.

A key finding of the report, “Mudcarp’s Focus on Submarine Technologies,” was that China-based hackers are attempting to unearth “very specific submarine technologies produced by multiple cleared defense contractors (and their respective supply chains).”

“Any technology or program that involves the delivery or launching of a payload from a submerged submarine, or undersea autonomous vehicles, is of high interest to Mudcarp,” the report said.

The list of affected schools is not included in the report because of ongoing investigations. Some of the targets had been awarded contracts by the U.S. Navy. Sahmyook University, however, appeared to be targeted because of its proximity to China, The Wall Street Journalreported.

The Chinese hacking group has been linked to other cyber breaches in the U.S. that resulted in the theft of sensitive military information, including submarine missile plans.

Universities, which champion academic freedom, sometimes unintentionally provide hackers room to operate, experts said. “Universities are pretty willing to share information” in pursuit of academic advancement, said Howard Marshall, who leads the iDefense threat intelligence operations, according to The Wall Street Journal.“But as a lot of our adversaries have discovered, that is a sweet spot for them to operate.”

Marshall, formerly deputy assistant director of the Federal Bureau of Investigation’s cyber division, said the People’s Republic of China (PRC) wants to steal research to match U.S. weapons capabilities. “To have knowledge of where our military capabilities are going is of extreme importance to them,” he said.

People working for Mudcarp, which is also known as Temp.Periscope and Leviathan, have posed as journalists or even representatives of the U.S. Navy when sending malicious emails, according to the U.S. cyber security firm FireEye.

“They are a full-fledged operation,” said Ben Read, senior manager for cyber espionage analysis at FireEye. “And they are not going anywhere.”

A FireEye investigation found that a group it calls APT 40 has pursued maritime technological secrets for years, according to BBC News. FireEye observed “specific targeting of countries strategically important” to the PRC’s One Belt, One Road infrastructure-building program.

As for the universities targeted by Mudcarp, nearly all had ties to the Woods Hole Oceanographic Institution, a Massachusetts-based research organization. Woods Hole specializes in marine science and engineering and is the largest independent oceanographic research institution in the U.S. with staff and students numbering about 1,000.

Related Articles

Leave a Reply

Your email address will not be published. Required fields are marked *

Back to top button