The Mechanics of a Long-Running Cyber Espionage Operation

FireEye recently released a report called "APT30 AND THE MECHANICS OF A LONG-RUNNING CYBER ESPIONAGE OPERATION". The report focuses on a targeted threat group that we call APT30 (Advanced Persistent Threat group 30) and details how a cyber-threat group exploited governments and commercial entities across India and Southeast Asia for over a decade.

APT30 is noted for sustained activity, and also for successfully maintaining the same tools, tactics, and infrastructure since at least 2005.

Highlights of the report:

  • APT30's consistent long-term mission: Data theft for political gain
  • Group has a structured and organized workflow, illustrative of a collaborative team environment
  • Identifies and steals documents, especially documents that may be stored on air-gapped networks
  • APT30's targets align with Chinese Government interests and focus on India & Southeast Asia
  • Pursues members of the Association of Southeast Asian Nations (ASEAN)
  • Consistently includes Regional Security and Political Themes
