Cybersecurity: Crime and Espionage

Axiom -- A Chinese APT

By Paul Rosenzweig
Tuesday, October 28, 2014, 4:39 PM

And just to prove that we are equal-opportunity victims, I also saw, today, this report from Novetta on "Operation SMN" -- a report on a Chinese APT dubbed Axiom.  Here's a bit of the Executive Summary:

Axiom is responsible for directing highly sophisticated cyber espionage operations against numerous Fortune 500 companies, journalists, environmental groups, pro-democracy groups, software companies, academic institutions, and government agencies worldwide for at least the last six years. In our coordinated effort, we performed the first-ever private-sponsored interdiction against a sophisticated state-sponsored advanced threat group. Our efforts detected and cleaned 43,000 separate installations of Axiom tools, including 180 of their top-tier implants.


Novetta has moderate to high confidence that the organization tasking Axiom is a part of Chinese Intelligence Apparatus. This belief has been partially confirmed by a recent FBI flash released to Infragard stating the actors are affiliated with the Chinese government.

America is lucky, I think, to have such friends ....