Chinese Government-affiliated Malicious Cyber Actors Targeting U.S. Government Agencies

Original release date: September 14, 2020

The Cybersecurity and Infrastructure Security Agency (CISA) and Federal Bureau of Investigation (FBI) have issued an advisory about Chinese Ministry of State Security (MSS)-affiliated cyber threat actors targeting U.S. government agencies. Through the National Cybersecurity Protection System, CISA has observed Chinese MSS-affiliated cyber threat actors operating from the People’s Republic of China using commercially available information sources and open-source exploitation tools.

CISA leveraged the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) and Pre-ATT&CK frameworks to characterize the tactics, techniques, and procedures (TTPs) used by Chinese MSS-affiliated actors. CISA encourages users and administrators to review the joint cybersecurity advisory and CISA's Chinese Malicious Cyber Activity page for more information.

This product is provided subject to this Notification and this Privacy & Use policy.