Naval Undersea Warfare Centre

In January 2018, the **Naval Undersea Warfare Centre (NUWC)** in Newport, Rhode Island, suffered a severe **malware-driven data breach** orchestrated by Chinese state-sponsored hackers under the **Winnti Umbrella** campaign. The attackers exploited a **contractor’s system** to infiltrate NUWC’s network, exfiltrating **614GB of highly sensitive data**, including classified details of **Project Sea Dragon**—a critical undersea warfare initiative. The breach was part of a **decade-long espionage operation** targeting U.S. military and political entities, aiming to compromise national security assets. The stolen data likely included **proprietary defense technologies, operational plans, and intelligence**, posing a direct threat to U.S. naval capabilities. The incident underscored vulnerabilities in **supply chain security**, as third-party contractors became the entry point for advanced persistent threats (APTs). The breach’s scale and the nature of the compromised data suggest **long-term strategic consequences**, including potential advancements in adversarial military technology and compromised U.S. defense secrecy.

Source: https://www.wsj.com/articles/u-s-navy-is-struggling-to-fend-off-chinese-hackers-officials-say-11544783401

TPRM report: https://www.rankiteo.com/company/naval-undersea-warfare-center-newport

"id": "nav418092125",
"linkid": "naval-undersea-warfare-center-newport",
"type": "Cyber Attack",
"date": "1/2018",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization’s existence"
{'affected_entities': [{'industry': 'defense',
                        'location': 'Newport, Rhode Island, USA',
                        'name': 'Naval Undersea Warfare Centre (NUWC)',
                        'type': 'government/military research facility'},
                       {'industry': 'defense contracting',
                        'name': 'Unnamed contractor (targeted as entry point)',
                        'type': 'third-party vendor'}],
 'attack_vector': ['supply chain attack (via contractor)', 'malware'],
 'data_breach': {'data_exfiltration': True,
                 'sensitivity_of_data': 'high (top-secret/confidential '
                                        'military intelligence)',
                 'type_of_data_compromised': ['classified military project '
                                              'data',
                                              'Project Sea Dragon details']},
 'date_detected': '2018-01',
 'description': 'In January 2018, the Naval Undersea Warfare Centre in '
                'Newport, Rhode Island, was hit by a malware attack resulting '
                'in a data breach. Hackers targeted a contractor working for '
                'the center, stealing 614GB of highly sensitive data, '
                'including information about **Project Sea Dragon**. The '
                'incident is believed to be part of a decade-long Chinese '
                "state-sponsored hacking campaign nicknamed **'Winnti "
                "Umbrella'**, targeting political and defense entities.",
 'impact': {'brand_reputation_impact': ['potential damage to U.S. defense '
                                        'credibility',
                                        'exposure of classified military '
                                        'projects'],
            'data_compromised': '614GB'},
 'initial_access_broker': {'entry_point': 'compromised contractor',
                           'high_value_targets': ['Project Sea Dragon',
                                                  'military R&D data']},
 'motivation': ['cyber espionage',
                'intellectual property theft',
                'military intelligence gathering'],
 'post_incident_analysis': {'root_causes': ['third-party vendor security '
                                            'weaknesses',
                                            'supply chain vulnerability']},
 'ransomware': {'data_exfiltration': True},
 'references': [{'source': 'U.S. Department of Justice (DOJ) indictments '
                           'related to Winnti Umbrella'},
                {'source': 'Cybersecurity reports on Chinese APT groups (e.g., '
                           'FireEye, CrowdStrike)'}],
 'regulatory_compliance': {'regulations_violated': ['potential violations of '
                                                    'U.S. defense secrecy laws '
                                                    '(e.g., ITAR, EAR)',
                                                    'classified information '
                                                    'handling protocols']},
 'threat_actor': ['Chinese state-sponsored actors',
                  'Winnti Umbrella (APT group)'],
 'title': 'Malware Attack and Data Breach at Naval Undersea Warfare Centre '
          '(2018)',
 'type': ['malware attack', 'data breach', 'cyber espionage']}