The victim, a Navy contractor engaged in highly sensitive work, was the subject of a security compromise. This entity develops naval warfare technology, including the creation of advanced submarine systems and undersea weapons, and is linked to significant U.S. defense initiatives such as the Sea Dragon project and other underwater programs.
According to sources, state-sponsored attackers infiltrated the contractor's systems in early 2018. The tactics, techniques, and procedures (TTPs) of the breach align with those typically employed by the Chinese Ministry of State Security, known for its sophisticated cyber espionage operations. This incident is part of an ongoing cyberwarfare narrative between the U.S. and China, with the latter making significant advances despite international attempts to stem such intrusions.
The breach led to the exfiltration of 614 gigabytes of data, including details on the so-called Sea Dragon project. Although officials noted the data was unclassified, when aggregated, it potentially bore the hallmarks of classified information.