Cybersecurity: Crime and Espionage

Axiom -- A Chinese APT

By Paul Rosenzweig
Tuesday, October 28, 2014, 4:39 PM

And just to prove that we are equal-opportunity victims, I also saw, today, this report from Novetta on "Operation SMN" -- a report on a Chinese APT dubbed Axiom.  Here's a bit of the Executive Summary:

Axiom is responsible for directing highly sophisticated cyber espionage operations against numerous Fortune 500 companies, journalists, environmental groups, pro-democracy groups, software companies, academic institutions, and government agencies worldwide for at least the last six years. In our coordinated effort, we performed the first-ever private-sponsored interdiction against a sophisticated state-sponsored advanced threat group. Our efforts detected and cleaned 43,000 separate installations of Axiom tools, including 180 of their top tier implants.

***

Novetta has moderate to high confidence that the organization tasking Axiom is a part of Chinese Intelligence Apparatus. This belief has been partially confirmed by a recent FBI flash released to Infragard stating the actors are affiliated with the Chinese government.

America is lucky, I think, to have such friends ....