Sophos Pacific Rim

Sophos defensive and counter-offensive operation with nation-state adversaries in China

Get the story

globe

OVERVIEW

Inside the counter-offensive tactics, techniques, and procedures used to neutralize China-based threats

In the story, we disclose how the attackers used a series of campaigns with novel exploits and customized malware to conduct surveillance, sabotage, and cyberespionage. Sophos also found overlapping tactics, tools, and procedures (TTPs) with well-known Chinese nation-state groups, including Volt Typhoon, APT31 and APT41. The adversaries have targeted both small and large critical infrastructure and government facilities, primarily in South and Southeast Asia, including nuclear energy suppliers, a national capital’s airport, a military hospital, state security apparatus, and central government ministries.

Pacific Rim timeline

See how Sophos’ defensive and counter-offensive operation against multiple interlinked nation-state adversaries based in China unfolded over the course of five years.

WHAT IS PACIFIC RIM?

Learn the full high-level story of Pacific Rim from its beginnings five years ago to the present.

Read blog

Get technical details of Pacific Rim over its five-year history, including tactics, techniques, and procedures (TTPs) and indicators of compromise (IoCs).

Read blog

What Pacific Rim means

Hear from Sophos’ CEO, CISO, and head of our Field CTO organization about what Pacific Rim means for the industry.

Defending against attackers targeting Sophos Firewalls

Guides and best practices for defending against these threats