This story will be updated as new information becomes available.
Chinese government-sponsored cyber thieves stole hundreds of gigabytes of data related to sensitive Navy undersea warfare programs from a government contractor earlier this year, a defense official familiar with details of the breach told USNI News on Friday.
The official confirmed details reported in a Friday afternoon story in The Washington Post in which hackers took “614 gigabytes of material relating to a closely held project known as Sea Dragon, as well as signals and sensor data, submarine radio room information relating to cryptographic systems, and the Navy submarine development unit’s electronic warfare library.”
The data is described in the story as sensitive but not classified.
When contacted, Navy spokesman Lt. Marycate Walsh would not confirm the accuracy of the Post report but provided a statement on general cyber intrusions.
“We treat the broader issue of cyber intrusion against our contractors very seriously. If such an intrusion were to occur, the appropriate parties would be looking at the specific incident, taking measures to protect current info, and mitigating the impacts that might result from any information that might have been compromised,” she said.
The defense official told USNI News that the there were particular concerns over the type of data that was stolen from the contractor, which supported the Naval Undersea Warfare Center based in Newport, R.I. The official indicated data from other military services may have also been taken from the contractor’s servers. Indications from the multiple breaches that occurred in January and February showed that the servers on which the technical data was stored were not properly protected, the official said.
Of particular concern is information related to the Sea Dragon anti-ship missile program, a project of the Pentagon’s Strategic Capabilities Office that was being developed by submarine builder General Dynamics Electric Boat. The Pentagon and Navy did not tell USNI News which company affiliated with the Sea Dragon program had its servers hacked.
Like the SCO-led anti-surface modification to the Standard Missile-6, the program sought to give an unspecified sub-launched weapon an anti-ship capability.
While the technical data on its own may be unclassified, enough of it combined together could give U.S. adversaries like China or Russia an edge in developing similar capabilities, Bryan Clark, a naval analyst at the Center for Strategic and Budgetary Assessments and former aide to retired former Chief of Naval Operations Adm. Jonathan Greenert, told USNI News on Friday.
“It’s bad that we’re not treating unclassified sensitive information as carefully as we should,” he said.
“We’re talking about submarine-launched weapons that were in the pile of information. The Russians or the Chinese could take that information and reverse engineer [that system].”