China-linked hackers have stolen a huge trove of sensitive data from a U.S. Navy contractor, the Washington Post reported Friday. The threat actors stole more than 614 gigabytes of data including secret plans to develop a new type of submarine-launched anti-ship missile.
The Washington Post was informed by government officials that spoke on the condition of anonymity.
According to the Washington Post, the security breach took place in January and February, the hackers belong to a division of the Chinese Ministry of State Security, operating out of the Chinese province of Guangdong.
The report published by the media outlet doesn’t reveal the name of the U.S. Navy contractor, it only reports that works for the Naval Undersea Warfare Center, based in Newport, Rhode Island.
“Chinese government hackers have compromised the computers of a Navy contractor, stealing massive amounts of highly sensitive data related to undersea warfare — including secret plans to develop a supersonic anti-ship missile for use on U.S. submarines by 2020, according to American officials.” states the report published by the Washington Post.
“The hackers targeted a contractor who works for the Naval Undersea Warfare Center, a military organization headquartered in Newport, R.I., that conducts research and development for submarines and underwater weaponry.”
Stolen data included unclassified information relating to submarine cryptographic systems, signals and sensor data, and a project called Sea Dragon.
The project Sea Dragon was launched by the Pentagon to extend existing US military technologies for new applications, the US Government already spent more than $300 million for the initiative since 2015.
“The Defense Department, citing classification levels, has released little information about Sea Dragon other than to say that it will introduce a “disruptive offensive capability” by “integrating an existing weapon system with an existing Navy platform.” continues the post.
“The Pentagon has requested or used more than $300 million for the project since late 2015 and has said it plans to start underwater testing by September.”
At the time, the U.S. Navy did not comment on the incident for security reason.
“There are measures in place that require companies to notify the government when a ‘cyber incident’ has occurred that has actual or potential adverse effects on their networks that contain controlled unclassified information.” said Cmdr. Bill Speaks, a U.S. Navy spokesman,
“it would be inappropriate to discuss further details at this time.”
“Evolving cyber threats are serious matters and we are continuously bolstering our cybersecurity culture by focusing on awareness of the cyber threat, and the adequacy of our cyber defenses and information technology capabilities,” he told AFP.
This incident is the last in order of time, Chinese hackers already stole in the past sensitive information from the US military such as the blueprint of the F-35 stealth fighter, the advanced Patriot PAC-3 missile system, and other highly secret projects.
(Security Affairs – Chinese hackers, U.S. Navy)