Posted on March 6, 2019 at 12:22 PM
The number of universities that Chinese hackers have targeted in the United States sits at 27. This number may rise as iDefense continues its research. It appears the hackers have chosen these universities as a way to gain access to secret information on US Maritime Military Research. Universities around the world have been targeted and universities are seen as simple targets for the Chinese hackers. These hackers are a much bigger threat to world cybersecurity, than individual hackers. They are organized, intent and smart.
iDefence, the cybersecurity branch of Accenture Security, has come across a list of universities that are in the United States, but there are names on the list from Canada and Southeast Asia too. The information in their possession shows details of the scheme, that started almost three years ago, with the aim of stealing military secrets.
How do hackers operate?
Phishing emails are sent to universities that look as if they come from partner universities. When opened, a malicious payload is unleashed. The cyber attacks are led by hackers who know what they are doing and are considered to be sponsored by the Chinese government.
Analysts have nicknamed the group Temp, but the names Periscope, Mudcarp and Leviathan are also used to refer to the group. The universities targeted have either had ties to the Woods Hole Oceanographic Research Institute in the USA or have conducted studies on underwater technology, connected to the United States’ Navy Warfare Centre, iDefense. They also have researchers who have specialized in underwater affairs.
iDefense is not saying much although they are sure that confidences have been breached and the hackers are connected to the Chinese government. This particular group of hackers have been active for a few years. They are thought to be the same group that hacked a US Navy contractor in 2018. The United States and Canada have been embroiled in a battle with China, over security regarding Chinese technology firms, such as Huawei and ZTE. Both are accused of security breaches. Both have denied the accusations. The United States and China are also embroiled in a tariff war, and this is a particularly sensitive time for the relationship between both countries.
The United States has a lot to worry about regarding their relationship with China, including security breaches and tariff increases. The universities targeted include, but are not limited to, the Massachusetts Institute of Technology (MIT), The University of Washington and the University of Hawaii. Woods Hole Oceanographic Institution, who has worked closely with these universities, is a nonprofit research and education projects. They are best known for locating the Titanic in 1985 and work closely with the US military and navy.
The seriousness of the hacking has been taken seriously by iDefense and the Department of the Navy, who recognize the nature of these cyber threats. There is a need to constantly update and bolster the department’s cybersecurity and information technology. iDefense initially picked up the cyber threats when observing that the universities were pinging servers that were in China, and controlled by the Chinese, possibly Temp, Periscope, Leviathan and Mudcarp, all one and the same.
It is not yet clear if any of these universities, or their research, have been compromised.