AttackIQ Blog

China

    Adversary Emulation, China

    Response to CISA Advisory (AA24-038A): PRC State-Sponsored Actors Compromise and Maintain Persistent Access to U.S. Critical Infrastructure

    February 9, 2024
    AttackIQ has released a new attack graph in response to the recently published CISA Advisory (AA24-038A) which assesses that the People’s Republic of China (PRC) state-sponsored cyber actors are seeking to pre-position themselves on IT networks for disruptive or destructive cyberattacks against U.S. critical infrastructure in the event of a major crisis or conflict with the United States.
    Read More
    Adversary Emulation, China

    Emulating the Highly Elusive Chinese Adversary Gallium

    July 28, 2023
    AttackIQ has released a content bundle consisting of two new attack graphs that seek to emulate the operations carried out by the Chinese-based adversary Gallium against the Telecommunications sector in recent years.
    Read More
    Adversary Emulation, China

    Response to CISA Advisory (AA23-144A): China State-Sponsored Actor Volt Typhoon Living off the Land to Evade Detection

    May 25, 2023
    AttackIQ has released two new assessments that emulate the techniques associated with a People’s Republic of China (PRC) state-sponsored cyber actor known as Volt Typhoon. Volt Typhoon makes extensive use of living off the land tools to remaining undetected for as long as possible while complete their espionage goals.
    Read More
    Adversary Emulation, China, US-CERT Alert, US-CERT Alert Response

    Attack Graph Response to US-CERT Alert (AA22-277A): Chinese Threat Actors Steal Sensitive Information from a Defense Industrial Base Organization

    October 6, 2022
    AttackIQ has released a new fully featured attack graph that emulates the tactics, techniques, and procedures (TTPs) observed in an attack by Chinese-sponsored adversaries against a Defense Industrial Base organization in the U.S.
    Read More