4172
Views

Chinese Hackers Steal Trove of U.S. Navy Sub Data

alt
Naval Undersea Warfare Center, Newport, RI (file image courtesy USN)

Published Jun 12, 2018 4:27 PM by The Maritime Executive

Hackers believed to be associated with China's Ministry of State Security have stolen more than 600 gigabytes of data on the U.S. Navy's submarine warfare capabilities, according to American defense officials. The hack targeted an unclassified network belonging to a defense contractor at the Naval Undersea Warfare Center in Rhode Island, and the attackers succeeded in retrieving information that could be considered classified when viewed as a whole. The incident was first reported by the Washington Post. 

Among other data stolen, the attackers reportedly retrieved information on submarine communications technology, cryptographic systems and an anti-ship-missile program by the name of "Sea Dragon." The Navy says that the program aims to adapt an unnamed, existing supersonic missile system for use on a submarine platform. It has been in development since 2015, and the service says that it is working towards an at-sea live fire test in FY2019. 

Since the U.S. military does not have a dedicated supersonic anti-ship missile, defense analysts suggest that the likeliest candidate for the existing system is the multi-role SM-6 missile, which can be used against air and surface targets. Alternatively, it could be a resurrected version of the canceled LRASM-B supersonic anti-ship missile program, according to Tyler Rogoway and Joseph Threvithick of The Drive. 

Senator Jack Reed (D-RI) met with CNO John Richardson this week to get details of the hack, and he confirmed after the meeting that the case was "very serious." The Pentagon inspector general's office said last week that the Secretary of Defense has asked it to investigate contractor cybersecurity in the wake of the data breach. 

Analysts warned that the breach might not be the last, given the large number of private contractors working for the Navy and the difficulties of enforcing compliance with data security procedures. "Despite years of warnings about pervasive cyberespionage by China, Russia and other rivals, the U.S. Navy remains desperately unserious about basic security," wrote former NSA analyst John R. Schindler for the Observer. "This demands explanation before it happens again — as it surely will unless the Navy changes course."