Anonymous ID: d5464b Nov. 12, 2020, 7:28 p.m. No.11619194

>>11618928

https://us-cert.cisa.gov/china

Chinese Malicious Cyber Activity

 

The information contained on this page is the result of analytic efforts of the Cybersecurity and Infrastructure Security Agency (CISA) to provide technical details on the tactics, techniques, and procedures used by People’s Republic of China (PRC) cyber threat actors.

 

Potential for China Cyber Response to Heightened U.S.-China Tensions

On October 1, 2020, in light of heightened tensions between the United States and China, CISA released an alert providing specific Chinese government and affiliated cyber threat actor tactics, techniques, and procedures (TTPs). The alert also includes recommended mitigations to the cybersecurity community to assist in the protection of our Nation’s critical infrastructure.

 

October 01, 2020: Activity Alert (AA20-275A) – Potential for China Cyber Response to Heightened U.S.-China Tensions

Chinese Ministry of State Security-Affiliated Cyber Threat Actor Activity

On September 14, 2020, CISA and the Federal Bureau of Investigation (FBI) issued an advisory about Chinese Ministry of State Security (MSS)-affiliated cyber threat actors targeting U.S. government agencies. CISA has consistently observed Chinese MSS-affiliated cyber threat actors using publicly available information sources and common, well-known TTPs to target U.S. Government agencies. This advisory identifies some of the more common TTPs employed by cyber threat actors, including those affiliated with the Chinese MSS.

 

September 14, 2020: Joint Cybersecurity Advisory (AA20-258A) – Chinese Ministry of State Security-Affiliated Cyber Threat Actor Activity

Chinese Malware Variants

On August 3, 2020, CISA, the FBI, and the Department of Defense (DoD) released Malware Analysis Report MAR-10292089-1.v1, which states that Chinese government actors are using malware variants in conjunction with proxy servers to maintain a presence on victim networks and to further network exploitation. CISA, FBI, and DoD are distributing this MAR to enable network defense and reduce exposure to Chinese government malicious cyber activity:

 

August 3, 2020: Malware Analysis Report (10292089-1.v1) – Chinese Remote Access Trojan: TAIDOOR