An article from the Wall Street Journal revels that a substantial list of university targets that reflects an elaborate scheme, dates back to at least April 2017 to steal military secrets. This activity was detected by iDefense, a cybersecurity intelligence unit of Accenture Security.
Woods Hole Oceanographic Institution’s The R/V Atlantis. This vessel is used to transport HOV Alvin to Oregon through the Panama Canal.
According to the article, it was found that these universities targeted either house research hubs focused on the study of undersea technologies or have a faculty on staff with extensive experience in the relevant field. Nearly all of these universities have links to the Woods Hole Oceanographic Institution, largest independent oceanographic research institution in the U.S. The institution was responsible in locating the Titanic in 1985, more than 70 years after it sunk.
Following this a Navy spokesperson stated the US Navy recognises the serious nature of cyber threats but decline further comments.
“The Department of the Navy recognises the serious nature of evolving cyber threats and continuously bolsters the department’s cybersecurity culture and awareness, along with our cyber defenses and information technology capabilities,” Navy Cmdr. J. Dorsey told Fox News in a statement.
iDefense revealed it identified the targeted universities by observing that their networks were pinging serves located in China that were allegedly controlled by a Chinese hacking group known to researchers interchangeably as TEMP.Periscope, Leviathan or Mudcarp.
In addition according to iDefense, the cyberattacks were conducted via phishing emails that posed as a legitimate message from other universities seeking research, but were loaded with malicious software.
Researchers at the U.S. cyber firm FireEye, who have studied the same group of Chinese hackers, told the Journal that they have corroborated some of the findings by iDefense.
“They are a full-fledged operation,” Ben Read, senior manager for cyber espionage analysis at FireEye, said of the hackers. “And they are not going anywhere.”