China is aggressively claiming territory deeper into the South China Sea, threatening economic and political stability in Southeast Asia and beyond. The territorial activity is accompanied by high-tempo cyber espionage, malware attacks, malicious attachments, and spear phishing directed at Southeast Asian military, diplomatic, and economic targets.
ThreatConnect®, in partnership with Defense Group Inc., has attributed the targeted cyber espionage infrastructure activity associated with the “Naikon” Advanced Persistent Threat (APT) group to a specific unit of the Chinese People’s Liberation Army (PLA). Our assessment is based on technical analysis of Naikon threat activity and native language research on a PLA officer within Unit 78020.
Project CameraShy takes readers through our intelligence analysis, pivot by pivot, as we connect the dots using the Diamond Model of Intrusion Analysis.