What type of 'C2 on a sleep cycle' do they leave behind? Novel Chinese spy group found in critical networks in Poland, Asia

Summary

A newly identified Chinese threat group, dubbed 'C2 on a sleep cycle' due to its unique operational timing, has infiltrated over a dozen critical networks in Poland and various Asian countries since December 2024. The group's activities were uncovered recently, coinciding with anticipated high-level political discussions between the US and China.

IFF Assessment

FOE

This article describes the discovery of a new, sophisticated threat actor with the capability to infiltrate critical networks, posing a direct threat to national security and critical infrastructure.

Defender Context

Defenders should be aware of this new threat actor's capabilities and potential targeting of critical infrastructure in Poland and Asia. Monitoring for the described 'sleep cycle' C2 activity and unusual network communications during specific times will be crucial for early detection and mitigation.
