On December 14, 2018, The Wall Street Journal published an article titled, "Chinese Hackers Breach U.S. Navy Contractors"; this article appeared to be a follow-up to an article published by The Washington Post in June 2018, titled "Chinese Hackers Steal Unclassified Data From Navy Contractor." Both of these publications detail how actors who are likely associated with MUDCARP targeted the unclassified network of multiple cleared defense contractors in Newport, RI, and exfiltrated around 614 gigabytes of data pertaining to a number of US Navy programs, including program Sea Dragon, as well as sensitive cryptographic and electronic warfare libraries. By analyzing propriety sensor data and correlating it with previously identified MUDCARP indicators, iDefense analysts have likely identified the contractor that was targeted in early 2018, in addition to other Department of Defense (DoD) supply chain assets, including dozens of universities and government funded research laboratories.
The authors of the technical paper titled "Deliver Uncompromised: A Strategy for Supply Chain Security and Resilience in Response to the Changing Character of War" draw attention to the issue of adversarial targeting of the DoD supply chain by stating that most nation states have a full complement of technologies and resources available to achieve their asymmetric strategies and goals as they relate to cyberespionage. They take advantage of the inherent vulnerabilities in the complex DoD supply chain ecosystem, namely a lack of oversight associated with operational security and siloed threat intelligence sharing.
As referenced in the “Accenture Cyber Threatscape Report 2018,” supply chains are integral to the DoD as the Department works to bring its technologies and weapon platforms to maturity. Threat actors have identified these supply chains as effective means of infiltrating victim organizations. Even verticals like aerospace and defense, in which companies have bought into the maintenance of mature security hygiene or in which the regulatory landscape has forced such adoption, supply chains still present openings.
To learn more about Accenture Security Cyber Defense Services, how to apply threat intelligence to your cybersecurity operations, how to make better business decisions with threat intelligence or how to operationalize your cyberthreat intelligence, please contact us at firstname.lastname@example.org.