Shweta Sharma
In 2024, nation-state cyber activity was off the charts, with Chinese, Russian, and Iranian actors leading the charge. Their campaigns weren’t just relentless — they were innovative, using a crafty mix of Tactics, Techniques, and Procedures (TTPs) to gain footholds, stay hidden, and spy-like pros.
“There was definitely a continued and noted uptick in nation-state activity in 2024,” said Chris Hughes, a cyber innovation fellow at the US government’s Cybersecurity Infrastructure and Security Agency (CISA). “Some of the largest activities in 2024 included from Chinese APTs, such as Volt Typhoon and Salt Typhoon.”
No single TTP was the main player on its own. Instead, they worked together (often mutually inclusive) like puzzle pieces, each playing a role in the bigger picture. One actor, for example, might deploy spear-phishing to gain entry, exploit zero days for privilege escalation, and use wiper malware to cover their tracks — all in the same campaign.
While these actors operated full-blown strategies with many moving parts, here are a few key TTPs that defined nation-state cyber warfare in 2024.
No comments:
Post a Comment