At least 27 universities in the United States, Canada, and Southeast Asia reportedly have been targeted by Chinese hackers looking to steal maritime military technology and secrets.
iDefense, a cybersecurity intelligence unit of Accenture Security, found a substantial list of university targets that reflects the breadth and nature of an elaborate scheme that dates back to at least April 2017 to steal military secrets, the Wall Street Journal reported.
The research by iDefense is set to be published next week.
According to the WSJ, the cybersecurity unit found the majority of the universities targeted either house research hubs focused on undersea technology or have faculty on staff with extensive experience in a relevant field.
Nearly all have links to Woods Hole Oceanographic Institution, a research and education nonprofit located in Woods Hole, Mass., which also was likely compromised by hackers. The institution is the largest independent oceanographic research institution in the U.S., boasting notable achievements such as locating the Titanic in 1985, more than 70 years after it sunk, the WSJ reported.
A Navy spokesperson declined to comment on the hacking at the universities, only saying it recognizes the serious nature of cyber threats.
“The Department of the Navy recognizes the serious nature of evolving cyber threats and continuously bolsters the department’s cybersecurity culture and awareness, along with our cyber defenses and information technology capabilities,” Navy Cmdr. J. Dorsey told Fox News in a statement.
iDefense said it identified the targeted universities by observing that their networks were pinging serves located in China that were allegedly controlled by a Chinese hacking group known to researchers interchangeably as TEMP.Periscope, Leviathan or Mudcarp.
The iDefense report did not name several of the targeted universities, however, people familiar with the hacking told the WSJ that Penn State – among the top earners of Defense Department research dollars – was among the targets.
A Penn State spokesperson declined to say whether the university had been comprised, saying that the school immediately notifies the government and relevant partners whenever there is a breach.
“We are of course very aware of the persistent threat from both state and non-state actors in the cyber domain, which also has been well-documented by the press and the U.S. Government,” the spokesperson told Fox News in a statement. “This threat targets not only cleared defense contractors but also industry, academia and other entities that work with valuable and sensitive information on their computer networks.”
Other universities believed to have been targeted include the University of Hawaii, the University of Washington, Massachusetts Institute of Technology and Duke University.
According to iDefense, the cyberattacks were conducted via phishing emails that posed as a legitimate message from other universities seeking research, but were loaded with malicious software.
“Universities are pretty willing to share information in pursuit of academic information,” Howard Marshall, who leads iDefense threat intelligence operations, told the WSJ. “But as a lot of our adversaries have discovered, that is a sweet spot for them to operate.”
Researchers at the U.S. cyber firm FireEye, who have studied the same group of Chinese hackers, told the Journal that they have corroborated some of the findings by iDefense.
“They are a full-fledged operation,” Ben Read, senior manager for cyber espionage analysis at FireEye, said of the hackers. “And they are not going anywhere.”
Fox News' Eric Shawn contributed to this report.