U.S. Navy Review Finds Evidence of Widespread Chinese Hacking

File image

Published Mar 13, 2019 11:04 AM by The Maritime Executive

The U.S. Navy's R&D ecosystem is "under cyber siege" by hackers, according to a new internal review ordered by Navy secretary Richard Spencer. The review's conclusions, first disclosed by the Wall Street Journal, reveal that the Navy's digital secrets have been so thoroughly plundered by Chinese infiltrators that the service doesn't even know what or how much it has lost. 

The most public example was the theft of confidential information from Navy contractors last year, which gave Chinese government hackers access to plans for the service's new hypersonic anti-ship missile. After the breach, Secretary of the Navy Richard Spencer ordered a thorough review. "We must act decisively to fully understand both the nature of these attacks and how to prevent further loss of vital military information," he said at the time.

Though Iranian and Russian groups have also targeted Navy systems, Chinese state-backed hackers represent the most serious threat, according to the assessment. Independent researchers have identified the hacking group TEMP.Periscope (also known as Mudcarp, APT 40 and Leviathan) as a particularly active Chinese-affiliated cyber-espionage outfit, with a specific interest in maritime technology. TEMP.Periscope has actively targeted American university researchers, contractors and other organizations involved in the development of marine systems: according to cybersecurity firm iDefense, the group targeted 27 universities with spearphishing attacks last year, including Woods Hole, MIT, the University of Washington, Penn State, Duke and others. IT research firm Proofpoint identified the group's activities and its focus on American maritime R&D back in 2014, but further successful attacks continued for years.  

The Navy's review acknowledged both the scope of the problem and its long duration. “For years, global competitors, and adversaries, have targeted and breached these critical contractor systems with impunity,” the Navy concluded. “These enterprises, regardless of their relationship with the department, are under cyber siege.”

Secretary Spencer said in a statement that the service is finally moving to address the problem. "With urgency the Department of the Navy Secretariat along with the Chief of Naval Operations and the Commandant of the Marine Corps, will coordinate with the Department of Defense and Congress for the resources required to compete and win in the cyber domain," he said. "Leadership has already initiated this process as part of a broader review of how best to organize the Department to address the overall challenges of information management; to include not only cybersecurity, but also data strategy and readiness, business system rationalization, and artificial intelligence."