The National Security Agency (NSA) and Central Security Service (CSS) this week released a threat advisory which highlights a cluster of activity being attributed to a China state-sponsored threat group.
The Cybersecurity and Infrastructure Security Agency (CISA), NSA and Federal Bureau of Investigation (FBI), along with the Australian Signals Directorate’s Australian Cyber Security Centre (ACSC), the Communications Security Establishment’s Canadian Centre for Cyber Security (CCCS), the New Zealand National Cyber Security Centre (NCSC-NZ) and the United Kingdom National Cyber Security Centre (NCSC-UK) published a Joint Cybersecurity Advisory on May 24, that shares technical details regarding malicious activity by a People’s Republic of China (PRC) state-sponsored cyber actor. The advisory provides new insights into the specific tactics, techniques and procedures used by PRC cyber actors to gain and maintain persistent access into critical infrastructure networks.