VERY IMPORTANT

Key individuals, who are believed to be part of a China-based attack group, have been stealing years of valuable government and corporate information from defense and high technology organizations in the US since 2013 and political and government-related entities in China, Hong Kong, and the Philippines since 2010. This shift in targets is highly notable for the active cyber espionage operation we dubbed as “Operation Iron Tiger.” We believe that the threat actors have simply moved up in the food chain and were assigned new, high-level targets to spy on–all as part of a bigger espionage campaign. US defense contractors were only fairly recent targets based on the operation’s history, which we traced to spear-phishing in 2010. “Foreign policy,” “future of the US Army Officer Corps,” and “economic development” are only a few of the keywords that threat actors have been using in spear-phishing attacks against directors and project managers of technology-inclined US government contractors.