Sophos Pacific Rim

Sophos defensive and counter-offensive operation with nation-state adversaries in China

OVERVIEW

Inside the counter-offensive tactics, techniques, and procedures used to neutralize China-based threats

In the story, we disclose how the attackers used a series of campaigns with novel exploits and customized malware to conduct surveillance, sabotage, and cyberespionage. Sophos also found overlapping tactics, tools, and procedures (TTPs) with well-known Chinese nation-state groups, including Volt Typhoon, APT31 and APT41. The adversaries have targeted both small and large critical infrastructure and government facilities, primarily in South and Southeast Asia, including nuclear energy suppliers, a national capital’s airport, a military hospital, state security apparatus, and central government ministries.

Discover Pacific Rim

Blog - Pacific Rim: Inside the counter-offensive—the TTPs used to neutralize China-based threats Oct 31, 2024
Blog - Pacific Rim timeline: Information for defenders from a braid of interlocking attack campaigns Oct 31, 2024

Pacific Rim timeline

See how Sophos’ defensive and counter-offensive operation against multiple interlinked nation-state adversaries based in China unfolded over the course of five years.

WHAT IS PACIFIC RIM?

Learn the full high-level story of Pacific Rim from its beginnings five years ago to the present.

Oct 31, 2024

Blog - Pacific Rim: Inside the counter-offensive—the TTPs used to neutralize China-based threats

Get technical details of Pacific Rim over its five-year history, including tactics, techniques, and procedures (TTPs) and indicators of compromise (IoCs).

Oct 31, 2024

Blog - Pacific Rim timeline: Information for defenders from a braid of interlocking attack campaigns