The Patriot Files Forums  

03-06-2019, 07:15 AM
Boats
Senior Member

Join Date: Jul 2002
Location: Chicago, IL
Posts: 14,266
Chinese hackers strike US universities in bid for military technology
By: Charlie Osborne for Zero Day | March 6, 2019 -- 12:40 GMT (04:40 PST) | Topic: Security

Prominent names feature on the hacking list.

Hackers from China have been conducting a cyberattack campaign against prominent universities in the United States in the hopes of stealing valuable information for military purposes.

The University of Hawaii, the Massachusetts Institute of Technology (MIT), and the University of Washington are among at least 27 universities which have been targeted worldwide, according to the Wall Street Journal.

Accenture Security's iDefense is the source of this claim, made in a new research report due to be published this week.

The cybersecurity defense unit said the "elaborate scheme" is focused on the theft of maritime technology being developed for military applications.

Educational institutions in Canada and Asia are also on the target list.

It is believed that the threat actors behind the campaign have utilized phishing tactics in an attempt to compromise university networks, often by posing as partner universities and institutions.

The cyberattacks launched against these entities were tracked as their networks were pinging Chinese servers thought to belong to hackers known as Mudcarp, Leviathan, APT40, or Temp.Periscope.

The group in question is believed to be Chinese, and given the hackers' focus on valuable technology and information of interest to the military, it is possible that Mudcarp is state-sponsored.

Many of the institutes that Mudcarp has fixated on have ties to US oceanographic research institutes.

Leviathan has been active since at least 2013. Proofpoint researchers say that the cyberattackers tend to focus their efforts on maritime industries, naval defense contractors, and university research institutions. However, attacks launched by the group have also been traced back to US shipbuilders in recent years.

In previous phishing schemes, Leviathan has distributed fake job applications and resumes, as well as an interesting malicious email attachment called "Torpedo recovery experiment." Microsoft Word and Excel documents used in these campaigns contained malware payloads made possible through macros.

FireEye, which tracks the group as APT40, believes the hackers are state-sponsored and operate "in support of China's naval modernization effort."

APT40 uses a variety of vulnerabilities in the exploit chain including CVE-2012-0158, CVE-2017-0199, CVE-2017-8759, and CVE-2017-11882. The typical attack lifecycle is shown below.

Data link:

While Chinese officials did not comment on the research, in the past, China has staunchly denied any involvement in cyberattacks against the United States or other countries.

The research comes at a time when diplomatic ties between the US and China are strained. The two global giants have been embroiled in a tit-for-tat trade tariff war, a situation heightened by security concerns relating to Chinese tech firms including Huawei.

Australia and New Zealand have already banned Huawei's 5G equipment on the grounds of national security and the Trump Administration is considering following suit by way of an executive order. US federal agencies are already forbidden to purchase Huawei products on the grounds of security, but commercial companies -- at least, for now -- still have the freedom to do so.

Reports suggest that Huawei is preparing to sue the US due to the federal ban, and at the same time, the US Department of Justice (DoJ) has filed criminal charges against Huawei's financial chief, Meng Wanzhou, in relation to the alleged theft of trade secrets.

O Almighty Lord God, who neither slumberest nor sleepest; Protect and assist, we beseech thee, all those who at home or abroad, by land, by sea, or in the air, are serving this country, that they, being armed with thy defence, may be preserved evermore in all perils; and being filled with wisdom and girded with strength, may do their duty to thy honour and glory; through Jesus Christ our Lord. Amen.


All times are GMT -7.