Special Bulletin
HHS OCIO HC3 TLP White Threat Briefing: APT41 and Recent Activity - September 22
Agenda
- Overview of APT41
- Targeting Operations
- Indictment
- Historical Targeting
- Threats to Healthcare
- Why Healthcare
- Recent Activity
- Popular Tools and Techniques
Overview
- Chinese State-Sponsored Threat Actor
- Members of APT41 have been actively tracked since 2012
- Also Known As: Double Dragon, Barium, Winnti, Wicked Panda, Wicked Spider, TG-2633, Bronze Atlas, Red Kelpie
- Has been tracked as two separate groups; dependent on operation
- History of targeting healthcare, high-tech, telecommunications, higher education, video games, travel, and news organizations
- Frequently likes to use the following:
- Spear phishing
- Water holes
- Supply chain attacks
- Backdoors
View the detailed report below.
For help with Cybersecurity and Risk Advisory Services exclusively for AHA members, contact: