Sophos Pacific Rim
Sophos defensive and counter-offensive operation with nation-state adversaries in China
Get the story
OVERVIEW
Inside the counter-offensive tactics, techniques, and procedures used to neutralize China-based threats
In the story, we disclose how the attackers used a series of campaigns with novel exploits and customized malware to conduct surveillance, sabotage, and cyberespionage. Sophos also found overlapping tactics, tools, and procedures (TTPs) with well-known Chinese nation-state groups, including Volt Typhoon, APT31 and APT41. The adversaries have targeted both small and large critical infrastructure and government facilities, primarily in South and Southeast Asia, including nuclear energy suppliers, a national capital’s airport, a military hospital, state security apparatus, and central government ministries.
Discover Pacific Rim
- Blog - Pacific Rim: Inside the counter-offensive—the TTPs used to neutralize China-based threats Oct 31, 2024
- Blog - Pacific Rim timeline: Information for defenders from a braid of interlocking attack campaigns Oct 31, 2024
- What Pacific Rim means
- Pacific Rim from Sophos X-Ops’ research
- Defending against attackers targeting Sophos Firewall
Pacific Rim timeline
See how Sophos’ defensive and counter-offensive operation against multiple interlinked nation-state adversaries based in China unfolded over the course of five years.
