Report: University of Hawaii among dozens of schools targeted by Chinese hackers seeking military research

The University of Hawaii is among more than 27 universities that have been targeted by Chinese hackers seeking to steal maritime technology research being conducted for the military, the Wall Street Journal reported Tuesday.

UH, the University of Washington and Massachusetts Institute of Technology were among the institutions in the United States, Canada and Southeast Asia, the Journal said, citing information provided by iDefense, a cybersecurity intelligence unit of Accenture Security.

The ongoing cyber campaign by Beijing to steal U.S. military research dates to at least April 2017, according to the findings.

“The University of Hawaii is cooperating with federal law enforcement agencies and cannot comment further on the specifics of the Wall Street Journal article,” UH spokesman Dan Meisenzahl said in an email. “That said, the persistent cybersecurity threat to universities from both state and non-state actors has been well-documented.”

The threat “is a continuing one that targets academia, industry and other entities that work with valuable and sensitive information,” he said. “UH works continuously to protect our complex networks and systems against these dynamic and sophisticated attacks, and also works to educate our community members to be able to recognize and ignore the barrage of increasingly sophisticated spear phishing attempts.”

When anomalies are discovered, Meisenzahl added, including the issues mentioned in the Wall Street Journal article, UH cooperates with appropriate enforcement authorities.

The cyberattack findings are the latest indication that Chinese efforts to obtain U.S. military and economic secrets are on the rise, the Wall Street Journal said.

iDefense identified universities being targeted by Chinese hackers by noting that their networks were connecting with servers in China controlled by a Chinese hacking group known by a variety of names including Temp.Periscope, Leviathan and Mudcarp, according to the Journal.

Spear phishing emails that looked like legitimate messages between one university and another but were actually cyberattacks loaded with malicious software appear to have been sent out, the newspaper said.

iDefense found that nonpublic files belonging to UH’s Applied Research Laboratory “were laced with malware and sent to other targets, suggesting a successful intrusion at Hawaii,” according to the Wall Street Journal.

UH said on its website that its Applied Research Laboratory “serves as a research center of excellence for critical Navy and national defense, science, technology and engineering with a focus in naval missions and related areas.”

As a designated Navy-sponsored research laboratory administered by UH, the lab conducts “strategic research” for the Navy, the Department of Defense and other government agencies in the areas of astronomy, ocean science, remote sensing, electro-optics, and engineering support to sensors, communications, and information technology, the university said.

Established in 2008 and one of 14 university-affiliated research centers within the Defense Department, the UH lab is developing hyperspectral imaging systems to detect the chemical composition of unseen objects, studying natural and man-made impacts on littoral anti-submarine warfare, and has developed advanced optics and sensor applications used in satellite tracking.