CISA Alert: Chinese Government-affiliated Malicious Cyber Activity

The U.S. Department of Homeland Security Cybersecurity and Infrastructure Security Agency (CISA) has published a new alert about cyber threat actors affiliated with the Chinese government – specifically the Ministry of State Security – targeting U.S. government agencies. CISA developed the alert with contributions from the FBI. The alert states that the threat actors are using open-source information to plan and conduct cyber operations and employing readily available exploits and exploit toolkits to quickly engage target networks. CISA used the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) and Pre-ATT&CK frameworks to characterize the tactics, techniques, and procedures (TTPs) used by the threat actors. To defend against this activity, CISA emphasizes the importance of maintaining a rigorous patching cycle, observing it “continues to be the best defense against the most frequently used attacks.” Read the alert at CISA.