Chinese Ministry of State Security-Affiliated Cyber Threat Actor Activity
The Cybersecurity and Infrastructure Agency (CISA) has released an alert detailing the Chinese Ministry of State Security affiliated cyber threat actors’ online presence. The report claims that the threat actors use publicly available information and sources as well as common tactics to target the US and affiliate agencies. the CISA has observed these groups routinely executing cyber operations against US government entities.
According to the report, Chinese MSS cyber threat actors collect open-source information, leveraging it to conduct cyber operations. The threat actors use commonly known exploits and exploit toolkits to attack targeted networks. The advisory also identifies some common TTP employed by these Chinese affiliated threat actors, however, they often use previously disclosed vulnerabilities to target networks.