Chinese gov't hackers snag secret missile plans in Navy contractor breach
Attivo Networks Blogs

Chinese gov’t hackers snag secret missile plans in Navy contractor breach

SC media logo

Hackers from the Chinese Ministry of State Security who broke into the systems of a contractor working for the U.S. Naval Undersea Warfare Center stole 614GB of sensitive information, including plans for a supersonic anti-ship missile to be launched from a submarine.

The hacks, which occurred in January and February, according to a report in the Washington Post, yielded details on the Sea Dragon missile program, which was created in 2012 to adapt existing military technology to new uses.

“We saw a similar attack when the Dragonfly group gained direct access to the U.S. power grid through a vulnerable third party. That makes two significant, successful breaches targeting highly sensitive materials that have occurred through third parties,” said Fred Kneip, CEO, CyberGRX. “It’s an effective approach because large organizations have thousands of contractors, vendors and suppliers that they interact with – and any one of them could be the way in.”

The breach demonstrates that “even an entity as highly regulated and classified as the federal government is not immune from the danger posed by third-party vulnerabilities,” said Ruchika Mishra, director of product marketing for Balbix, who concurred that since hackers commonly use third parties as entry points, “it makes sense that similar patterns would hold true for nation-states looking to breach their adversaries’ cyber defenses.”

The Pentagon and the FBI are investigating the breach.

Read more>>>

Share on:

Free Active Directory Assessment

Get Visibility Into Privilege And Service Account Exposure

For a limited time, Attivo Networks is providing free Active Directory Security Assessments to demonstrate how ADAssessor provides unprecedented and continuous visibility to AD vulnerabilities.

Try Our Endpoint Detection Net (EDN) for Free

FAST AND EASY

Free use offer of our Award-winning security solution to prevent attackers from lateral movement, credential theft, and privilege escalation, fast and easy.

Newsletter Signup

    Yes, please opt me in to receive your quarterly newsletter, event invitations, and product updates.

    I understand that I can opt out at any time, and can refer to Attivo Networks Privacy Policy for more information.
  • This field is for validation purposes and should be left unchanged.

ADSecure 90-Day Free Trial

GET PROTECTION AGAINST UNAUTHORIZED ACCESS TO ACTIVE DIRECTORY

  • Hide and deny access to AD objects
  • Get alerted on unauthorized queries
  • Attack details easily viewable in dashboard
  • Your data remains on-premise

RSS

Leave a Comment

Your email address will not be published. Required fields are marked *

4 × 4 =

Ready to find out what’s lurking in your network?

Scroll to Top