Cyberattack Hits NY School With US Military Research Contracts

China Tech Threat has been sounding the alarm over New York’s risky tech contracts with Chinese government-owned technology manufacturers including Lexmark and Lenovo, both of which have been banned by the Pentagon. These concerns have cited why New York, home to the world’s financial markets and high-tech research institutions, is such a valuable target. The latest news that Rensselaer Polytechnic Institute, a renowned research and engineering school, is the latest cyberattack victim only reinforces these concerns. 

An Albany Times Union editorial “High-Tech vulnerability” echoed these concerns writing on the breadth of the threat posed by hackers who have “gotten into computer systems for airports. Telecommunications companies. Airlines. Banks. Health care systems. Insurers. Law enforcement.”

In its report that the FBI and State Police cyber squads have been called in to help investigate the attack on RPI’s systems, the Albany Times Union reported that RPI has $104 million in research contracts carried out by RPI professors and scientists that could be impacted, and RPI affiliates have contracts with research offices of the U.S. Army, Navy, Air Force and Defense Advanced Research Projects Agency, the Defense Department’s research arm. 

To this point the Albany Times Union also stated, “Criminal ransomware attacks are bad enough. But the concern is much greater, and the stakes much higher, when it comes to hostile players compromising governmental and defense systems and critical infrastructure like pipelines, dams, communication networks and electrical grids, whose failure could wreak havoc as devastating as a traditional military attack.” 

New York residents and institutions and clearly vulnerable to these types of threats and that is why we have requested information from New York’s Office of General Services (OGS) about what, if any, guardrails exist to prevent government purchases from Chinese state-owned manufacturers, whose products may contain built-in backdoors and other vulnerabilities.While we know that the State of New York has spent $28 million in recent years on Lexmark and Lenovo, public information does not indicate if those products were used at RPI. However, similar analysis of spending in other states showed widespread use of both across higher education institutions, including Kansas and Georgia.