The Google Cloud Threat Horizons Report brings decision-makers strategic intelligence on threats to cloud enterprise users and the best original cloud-relevant research and security recommendations from throughout Google’s intelligence and security teams.
Among cyberthreat researchers, we often organize our research efforts according to different types of technologies. This allows analysts to focus and become experts on those technologies. The same is true of state-sponsored malicious cyber actors: APT10 may well be one such specialist team that concentrates on technologies that enable infrastructure access and control. Where such a technology is the ultimate goal of the attack, such as the Cloud Hopper campaign, we observe APT10 taking a firm lead. But their efforts are continuous and, arguably, more effective when allowed to track the technology developments of their targets and establish prepositioning for future attacks–perhaps even to enable other actor groups’ operations, handing off access from one to support another. Other statesponsored groups are also upskilling on targeting cloud environments with increasingly refined techniques.