Attacking Air-gapped networks

Submitted by: Daryl Haegley, Director, Mission Assurance & Cyber Deterrence at DoD


https://www.securityweek.com/chinese-hackers-target-air-gapped-military-networks

A threat actor believed to be operating out of China has been targeting physically isolated military networks in Taiwan and the Philippines, Trend Micro reports.

Tracked as Tropic Trooper <https://www.securityweek.com/operation-tropic-trooper-hits-targets-taiwan-philippines-trend-micro> and KeyBoy, and active since at least 2011, the threat actor is known for targeting government, military, healthcare, transportation, and high-tech industries in Taiwan <https://www.securityweek.com/cyberspies-target-taiwan-government-energy-sector>, the Philippines, and Hong Kong.

Previously, the group was observed targeting victims with spear-phishing emails containing malicious attachments designed to exploit known vulnerabilities <https://www.securityweek.com/keyboy-abuses-popular-office-exploits-malware-delivery>, such as CVE-2017-0199

Thanks to =>

Mike Walsh from CyberX Labs

=> for forwarding