Schools like MIT and the University of Hawaii are the focus of Chinese hackers looking for research hubs or field experts at universities tied to Navy programs.
Nation State hacking is alive and well, according to cybersecurity intelligence firm iDefense and security vendor FireEye. Research to be release this month shows 27 U.S. universities as the target in a campaign designed to gather intel around U.S. Navy programs. The hacking group has been linked to Beijing by a number of security firms, and has been identified as the same one tied to breaches of sensitive military data in Navy contractor and subcontractor organizations.
Universities are the perfect target in this case; assuming the Chinese group has done their diligence to identify those universities that are involved with the U.S. Navy, it’s a safe assumption that there is less security in place than on Navy networks, a greater likelihood of users that will fall for social engineering scams (as a means of network entry), and plenty of viable data to be stolen.
It’s the university users that are particularly of concern. These academics are focused on the pursuit of knowledge and aren’t thinking about the need for maintaining a cybersecurity posture – despite the nature of the military research they are working on.
Universities working on projects of any kind of sensitive nature – be it military, biomedical, pharmaceutical, etc. – should have protective measures in place to ensure research doesn’t fall into the hands of a foreign nation state, a competitor, etc. Training users to be mindful of tactics used by cybercriminals and hackers alike vis Security Awareness Training will drastically reduce the likelihood of providing access to the university network.
The current set of attacks on universities won’t be the last time China (or any other foreign nation state) will attempt to exfiltrate secrets. Organizations involved with sensitive research should step up their security stance, sealing the gaps in security – including users.