We have seen a resurgence of Chinese threat actors. In our talk we will discuss how their operational security has improved and why they are harder to track. We hope to provide some insights into a few actors’ operating patterns and how we’ve seen certain groups being impacted by COVID shutdowns or major holidays, which helps with our assessment of who they may work on behalf of.
We’ll provide a threat landscape of the industries that the different actors have targeted and which countries they couldn’t get enough of. We will deep dive into a case study on a threat actor’s activity without providing victim information. This is where we’ll plan to cover the tactics, techniques, and procedures that we have seen them using and any technology that they favor in their operations, such as the use of SOHO devices. We also plan to share our unique perspective of “supplied networks” that we’ve seen used in their operations and how we’ve observed a rapid exploitation of Zero days.