The Wall Street Journal on Tuesday quoted cybersecurity experts, including current and former U.S. officials, who said Chinese hackers have targeted almost 30 universities around the world since April 2017 in a bid to steal research associated with military naval technology.

The cyber attack was discovered when security experts discovered university networks were inexplicably attempting to communicate with a group of servers in China controlled by a well-known hacking group.

The mysterious network “pings” proved to be emanating from malware slipped into the university networks by tricking users into opening virus-laden email attachments, a technique known as “phishing.”

Targeted universities included the University of Washington, the Massachusetts Institute of Technology, and according to WSJ sources Penn State and Duke. Universities in Canada and South Korea were penetrated as well. The targeted schools have naval technology departments, naval experts on staff, or contracts with the U.S. Navy.

The same hacking group, variously known as “Temp.Periscope,” “Leviathan,” and “Mudcarp,” is believed responsible for stealing U.S. submarine warfare data over an 18-month period ending in December 2018.

The report is based on cybersecurity work by a firm called iDefense. The Journal cited researchers from another security firm, FireEye, who said the findings were consistent with their own research.