Chinese Hackers Suspected in ‘Sophisticated, Targeted’ Cyber-Attack on Woods Hole

Photo by dwstucke on Flickr/Creative Commons

Woods Hole Oceanographic Institution, one of the country’s top scientific research facilities, fell victim to a “sophisticated, targeted” cyber attack in June. Now, officials at WHOI believe it was the work of Chinese hackers.

In a letter last week, president Mark Abbott notified staff of the hack. “The attack was similar to those that have been experienced by many federal agencies, defense contractors and other businesses developing advanced technologies,” he said. “The investigation of the attack is ongoing, however, the investigation indicates the intent was not to obtain financial or personal identity information.”

Though an investigation by cybersecurity firm Mandiant revealed that the hackers had accessed WHOI’s network as early as February 2013, the breach went unnoticed until June. Mandiant ultimately determined the unusual activity likely came from the People’s Republic.

“Our cybersecurity firm identified evidence of attacker activity attributed to a targeted threat group, which the firm believes was made by an Advanced Persistent Threat (APT) group based in China,” Abbott said. “These conclusions were based on the firm’s experience investigating these types of attacks and the group’s distinct tools, tactics, and procedures.”

The nonprofit oceanographic institute, based in Woods Hole, Massachusetts, does extensive research for the Department of Defense. WHOI says there’s no reason to believe the Chinese hackers gained access to either classified or employee data.

“Classified and secured information is kept in a different, secure location,” WHOI general counsel Christopher Land told the Cape Cod Times. “It was never under threat. We can be secure in that.”