- Novetta has moderate to high confidence that the organization tasking Axiom is a part of the Chinese Intelligence Apparatus. This belief has been partially confirmed by a recent FBI flash released to InfraGard stating the actors are affiliated with the Chinese government.
- A coordinated effort across the private industry can have quantifiable impact on state-sponsored threat actors.
- The Axiom threat group is a well-resourced, disciplined, and sophisticated subgroup of a larger cyber espionage group that has been directing operations unfettered for over six years.
- Axiom actors have victimized pro-democracy non-governmental organizations (NGOs) and other groups and individuals that would be perceived as a potential threat to the stability of the Chinese state.
- Axiom operators have been observed operating in organizations that are of strategic economic interest, that influence environmental and energy policy, and that develop cutting-edge information technology, including integrated circuits, telecommunications equipment manufacturers, and infrastructure providers.
- Later stages of Axiom operations leverage command and control infrastructure that has been compromised solely for the targeting of individual or small clusters of related targeted organizations.
- Axiom uses a varied toolset ranging from generic malware to very tailored, custom malware designed for long-term persistence that at times can be measured in years.
You can access the full report and an infographic that describes the timeline associated with this effort here. Novetta feels the unified approach developed within Operation SMN to unite multiple industry perspectives and technical capabilities provided the highest level of visibility and established the foundation to deliver the intended effects against a threat of this nature. It is Novetta’s hope that others within industry will embrace and adopt a similar approach in the future.
About Novetta Solutions
Headquartered in McLean, VA with over 600 employees across the US, Novetta has over two decades of experience solving problems of national significance through advanced analytics for government and commercial enterprises worldwide. Novetta’s Cyber Analytics, Identity Analytics and Social Analytics capabilities enable customers to find clarity from the complexity of ‘big data’ at the scale and speed needed to drive enterprise and mission success. Visit www.novetta.com for more information.