Chinese Hackers Temp.Periscope, Leviathan, Mudcarp, Targeting U.S. Universities to Steal Research on Navy Equipment, Security Experts Say

WASHINGTON – Chinese hackers have been targeting U.S. universities to steal research about military equipment, security experts said.

Most of the universities were studying undersea technologies, the Wall Street Journal reported Tuesday, some under contracts with the Navy. The schools include Penn State and Duke University. The same group of Beijing hackers is suspected to have previously stolen information from Navy contractors.

The hackers are known as Temp.Periscope, Leviathan or Mudcarp.

The hackers took advantage of academic researchers not noticing that emails pretending to be from peers at other institutions were actually “phishing” attempts or contained malware. Infected files then spread, for example, from the University of Hawaii’s Applied Research Laboratory to Penn State.

“They are a full-fledged operation,” Ben Read, senior manager for cyber espionage analysis at FireEye, told the Wall Street Journal. “And they are not going anywhere.”

Many of the schools are linked to the Woods Hole Oceanographic Institution, a Massachusetts research institute that located the sunken Titanic and partners with the Naval Undersea Warfare Center.

The team is suspected of hacking a warfare center contractor and stealing plans for a supersonic anti-ship missile.

The cybersecurity firm iDefense said it identified breaches of universities by noticing that the schools’ servers were pinging China.

When it comes to cyber-attacks, while much of America’s attention has focused on Russia, China has allegedly quietly built a formidable operation.

The Intelligence Community Inspector General reportedly detected similar pings from Hillary Clinton’s amateur computer server to China that caused every email to be blind-copied to a Chinese group.

The country hacked the Office of Personnel Management, which houses the roster of federal employees, in 2015. Democratic California Sen. Dianne Feinstein, the former chairman of the Senate Intelligence Committee, had an alleged Chinese spy on her payroll for decades.

The country has also mounted an influence operation targeted at American universities. So-called Confucius Institutes inside U.S. colleges, which Chinese officials have described as effective arms for propaganda, have grown considerably in recent years. College administrators have expressed little concern even as some Chinese staff affiliated with the program sabotaged academic efforts, and the Chinese government shut down a reciprocal program in that country. Seventy percent of U.S. universities hosting the Chinese program violated the law by not disclosing the foreign funding, according to a bipartisan Senate report.

During a 2018 congressional hearing on China’s activities in U.S. universities, FBI Director Christopher Wray said “I think the level of naïveté on the part of the academic sector about this creates its own issues.”

“One of the things we’re trying to do is view the China threat as not just a whole-of-government threat but a whole-of-society threat on their end, and I think it’s going to take a whole-of-society response by us. So it’s not just the intelligence community, but it’s raising awareness within our academic sector.”L

Follow Luke on Twitter.