Official websites use .gov
Secure .gov websites use HTTPS
Sept. 18, 2024
NSA and Allies Issue Advisory about PRC-Linked Actors and Botnet Operations
FORT MEADE, Md. - The National Security Agency (NSA) joins the Federal Bureau of Investigation (FBI), the United States Cyber Command’s Cyber National Mission Force (CNMF), and international allies in releasing new information about People’s Republic of China (PRC)-linked cyber actors who have compromised internet-connected devices worldwide to create a botnet and conduct malicious activity.
July 8, 2024
NSA Joins in Releasing Case Studies Showing PRC Tradecraft in Action
FORT MEADE, Md. – The National Security Agency (NSA) is joining the Australian Signals Directorate (ASD) and other agencies to publish a Cybersecurity Advisory (CSA) detailing the tradecraft used by a cyber actor group associated with the People’s Republic of China (PRC) Ministry of State Security (MSS). “PRC MSS Tradecraft in Action” helps cybersecurity practitioners prevent, identify, and remediate intrusions against their own networks by sharing significant case studies of the adversary’s tactics and techniques.
Feb. 7, 2024
NSA and Partners Spotlight People’s Republic of China Targeting of U.S. Critical Infrastructure
The National Security Agency (NSA) has joined partners to issue a Cybersecurity Advisory (CSA) to address People’s Republic of China (PRC) targeting of U.S. critical infrastructure. The CSA, entitled “PRC State-Sponsored Actors Compromise and Maintain Persistent Access to U.S. Critical Infrastructure,” is led by the Cybersecurity and Infrastructure Security Agency (CISA) in partnership with NSA, the Federal Bureau of Investigation (FBI), and additional government agencies.
Sept. 27, 2023
U.S. and Japanese Agencies Issue Advisory about China Linked Actors Hiding in Router Firmware
The National Security Agency (NSA), U.S. Federal Bureau of Investigation (FBI), U.S. Cybersecurity and Infrastructure Security Agency (CISA), Japan National Police Agency (NPA), and Japan National Center of Incident Readiness and Strategy for Cybersecurity (NISC) are releasing the joint Cybersecurity Advisory (CSA) “People’s Republic of China-Linked Cyber Actors Hide in Router Firmware” about the activities of BlackTech cyber actors.
Sept. 21, 2023
GEN Nakasone Offers Insight into Future of Cybersecurity and SIGINT
GEN Paul M. Nakasone, Commander of U.S. Cyber Command (USCYBERCOM), Director of NSA, and Chief of the Central Security Service (CSS), offered insight into what the future of cybersecurity and signals intelligence may look like during a conference in Washington earlier this month.
May 24, 2023
NSA and Partners Identify China State-Sponsored Cyber Actor Using Built-in Network Tools When Targeting U.S. Critical Infrastructure Sectors
The National Security Agency (NSA) and partners have identified indicators of compromise (IOCs) associated with a People’s Republic of China (PRC) state-sponsored cyber actor using living off the land techniques to target networks across U.S. critical infrastructure.
Oct. 6, 2022
NSA, CISA, FBI Reveal Top CVEs Exploited by Chinese State-Sponsored Actors
In a Cybersecurity Advisory released today, the National Security Agency (NSA), the Cybersecurity and Infrastructure Security Agency (CISA), and the Federal Bureau of Investigation (FBI) exposed the “Top Common Vulnerabilities and Exposures (CVEs) Actively Exploited by People’s Republic of China State-Sponsored Cyber Actors” since 2020.
June 7, 2022
NSA, CISA, and FBI Expose PRC State-Sponsored Exploitation of Network Providers, Devices
The National Security Agency (NSA), Cybersecurity and Infrastructure Security Agency (CISA), and Federal Bureau of Investigation (FBI) released a Cybersecurity Advisory (CSA) today, “People’s Republic of China State-Sponsored Cyber Actors Exploit Network Providers and Devices.” The advisory highlights how People’s Republic of China (PRC) actors have targeted and compromised major telecommunications companies and network service providers primarily by exploiting publicly known vulnerabilities. Networks affected have ranged from small office/home office (SOHO) routers to medium and large enterprise networks.