On December 4, the National Security Agency (NSA) joined the Cybersecurity and Infrastructure Security Agency (CISA) and the Canadian Centre for Cyber Security to detail the broad campaign of China state-sponsored cyber actors using the BRICKSTORM malware for long-term persistence on victim systems.
BRICKSTORM malware is a sophisticated backdoor that provides capabilities for secure command and control, remote system control, and long-term persistence.
Organizations—especially those within critical infrastructure, government services and facilities, and the Information Technology sector—are encouraged to use the indicators of compromise (IOCs) and detection signatures outlined in the report to detect BRICKSTORM backdoor activity. If BRICKSTORM, similar malware, or potentially related activity is detected, promptly report the compromise.
Source: NSA