Joint Advisory: PRC cyber actor targeting US critical infrastructure – Guidance to assist detection

The National Cyber Security Centre (NCSC) has joined international partners in publishing a technical advisory to highlight malicious cyber activity associated with a People’s Republic of China (PRC) state-sponsored cyber actor.

The activity has been observed affecting networks across United States critical infrastructure sectors and the techniques described could be used to impact other sectors.

One of the actor’s primary tactics, techniques, and procedures (TTPs) is living off the land, which uses a systems built-in network administration tools to achieve malicious objectives while avoiding detection.

The NCSC had published this advisory to provide New Zealand critical infrastructure operators and cyber defenders with information that will enable them to detect this activity.

The NCSC will also be using its own cyber defence resources, including its Malware Free Networks capability, to support New Zealand organisations’ efforts to detect and disrupt this activity.

If organisations identify malicious activity as a result of reviewing the information in this advisory, they should contact the National Cyber Security Centre.

For queries related to this advisory, please contact: info@ncsc.govt.nz