Earlier today, Penn State University, which develops sensitive technology for the US Navy, disclosed that Chinese hackers have been sifting through the computers of its engineering school for over two years. As one of the largest and most productive research universities in the country, Penn State offers a veritable treasure trove of technology that’s already being developed with partners for commercial applications. This breach suggests that foreign spies could be using universities as a backdoor to American commercial and defense secrets.
According to Penn State, the hackers are so deeply embedded that the engineering college’s computer network will be taken offline for several days while investigators work on ejecting the intruders. According to Penn State President Eric Barron, this was an “advanced attack” by “very sophisticated threat actors”, and the school is devoting “all necessary resources” to help the college recover quickly. The FBI notified the university of the breach back in November of 2014, spawning a months-long investigation that eventually found two separate groups of hackers stealing data. The first group has been linked by investigators to the Chinese government. Although the second group hasn’t been identified yet, investigators believe it to be the work of state-sponsored hackers. So far, the investigation and remediation efforts have cost Penn State millions of dollars.
For years now, US engineering schools such as MIT, the California Institute of Technology, Berkeley, Carnegie Mellon and Johns Hopkins have been top targets of Chinese hacking and other intelligence operations for both commercial and defense purposes. In addition to online activities, the Chinese have sent legions of graduate students to American schools and have tried to recruit students, faculty members and others at both universities and government research facilities.
Among Penn State’s specialties is aerospace engineering, which has both commercial and defense applications with high importance to the Chinese government. The university is also home to Penn State’s Applied Research Laboratory, one of 14 research centers around the US that mainly work for the military. Although the lab isn’t part of the College of Engineering, experts there have been alerted to the security breach and are currently investigating whether the hackers could have moved there from those networks. The lab’s computers are separated from the engineering college by “network-based controls”, and its personnel use different passwords. The Applied Research Lab has been doing work for the Navy since 1945, and specializes in undersea propulsion and navigation. The fact that the hackers remained undetected in the network for over two years raises the possibility that they used connections between computers to move into more highly-guarded networks, including defense contractors, government agencies or the Navy.