People's Republic of China state-sponsored cyber actor living off the land to evade detection
For those who may not have seen it: the US, Canadian and Australian governments, among others, issued an important Cyber Security Advisory highlighting PRC state-sponsored activities aimed at the Critical Infrastructure (CI) sector. The advisory is a very comprehensive document that outlines the artifacts of a compromise, mitigations and IOCs used by the cyber actor. I encourage all CI operators to act on this advisory and report any findings back to the Cyber Centre (cyber.gc.ca) (or their appropriate governments), so that together we can paint a picture of the threat landscape in Canada and raise the resilience of our CI sectors.