Tech companies, healthcare giants, defense
contractors, top universities, the US government—you name it, Chinese
cyber-spies have probably hacked it. And now, it seems likely, we can
add one of the world’s preeminent marine research groups to the list.
Woods Hole Oceanographic Institution sustained a
“sophisticated, targeted attack” that looks to have originated from
China, according to Christopher Land, the organization’s general counsel
and leader of its internal investigation.
If the perpetrator is indeed from the People’s Republic, it marks the latest in a series of high-profile hacks that US officials say
has resulted in theft of US commercial secrets, potentially sensitive
government information, and military data. With the US threatening
sanctions, Chinese president Xi Jinping recently vowed not to commit
commercial cyber-espionage—a pledge US officials are watching closely for signs of follow-through.
WHOI isn’t a company or a government agency, but
given its close ties with the US military and the National Science
Foundation, it’s not exactly a regular research institution, either. Its
vast cache of research holds data on everything from bowhead whale
habitats and plankton to hydrographic surveys and oceanic oxygen
levels—as well as classified work WHOI does with the Navy and the US
defense department.
The
organization’s cyber-security team first noticed suspicious activity in
late June of this year. But the breach turns out to have started back
in February 2013, based on what Land learned from Mandiant, a
cyber-security firm that WHOI brought in to investigate the attacks and
help plug the breaches.
The attack bears the hallmarks of an APT
group—that stands for “advanced persistent threat,” meaning, a
long-term, covert hack—based out of China, according to Mandiant’s
report to Land. Though the forensic investigation is still underway, it
appears that the hackers focused on data and emails, and not personal
information.
So far, there’s no sign that the hackers stole
any datasets, Land says, adding that the classified research WHOI does
for the Navy and the US defense department was stored on a different
network from the one that was breached.
Still, the question remains: If Chinese hackers
were rummaging around WHOI, what would they have been looking for? Land
declined to speculate, and the breadth of WHOI’s marine-science research
makes it hard to narrow things down.
However,
the range of China’s commercial and strategic interests in the ocean is
no less extensive—and is growing fast. China’s leaders are increasingly
intent on making the nation a “maritime power” capable of defending its
“maritime rights and interests.”
In June, China’s cabinet broadened the focus of its naval strategy to include not only territorial waters but also “open seas protection.” Meanwhile, a new “Maritime Silk Road” plan is meant to facilitate regional maritime economic development.
China’s high-seas fishing fleet is the planet’s largest (paywall), making international waters a source of increasing strategic importance, according to a recent World Bank report (pdf, p.42). Far to the north, China seems to view the Northern Sea Route—the shipping shortcut to Europe via the Arctic that global warming has helped open up—as a strategic priority. China now boasts the world’s biggest conventionally powered icebreaker
(pdf, p.36); a second is under construction. Those will also be of use
at the opposite pole—China now has four Antarctic stations and is investing rising sums into research there (paywall).
Then, of course, there are the country’s
territorial claims—notably China’s claim to more than four-fifths of the
South China Sea, water that teems with valuable fish and is thought to
sit atop even more valuable deposits of oil and natural gas.
Interestingly enough, recent reports of a cyber attack
on an international court in The Hague came in the midst of a hearing
on the Philippines’ contest of China’s South China Sea claim. As you
might have guessed, security experts are saying the attack came from China.
Image by Vince Smith, via Flickr (licensed under CC-BY-2.0, image has been cropped)
Source:Quartz
