Tech companies, healthcare giants, defense contractors, top universities, the US government—you name it, Chinese cyber-spies have probably hacked it. And now, it seems likely, we can add one of the world’s preeminent marine research groups to the list.
Woods Hole Oceanographic Institution sustained a “sophisticated, targeted attack” that looks to have originated from China, according to Christopher Land, the organization’s general counsel and leader of its internal investigation.
If the perpetrator is indeed from the People’s Republic, it marks the latest in a series of high-profile hacks that US officials say has resulted in theft of US commercial secrets, potentially sensitive government information, and military data. With the US threatening sanctions, Chinese president Xi Jinping recently vowed not to commit commercial cyber-espionage—a pledge US officials are watching closely for signs of follow-through.WHOI isn’t a company or a government agency, but given its close ties with the US military and the National Science Foundation, it’s not exactly a regular research institution, either. Its vast cache of research holds data on everything from bowhead whale habitats and plankton to hydrographic surveys and oceanic oxygen levels—as well as classified work WHOI does with the Navy and the US defense department.
The organization’s cyber-security team first noticed suspicious activity in late June of this year. But the breach turns out to have started back in February 2013, based on what Land learned from Mandiant, a cyber-security firm that WHOI brought in to investigate the attacks and help plug the breaches.
The attack bears the hallmarks of an APT group—that stands for “advanced persistent threat,” meaning, a long-term, covert hack—based out of China, according to Mandiant’s report to Land. Though the forensic investigation is still underway, it appears that the hackers focused on data and emails, and not personal information.
Full article: Signs Point to China in US Research Facility Hack (Defense One)