APT 그룹 허브
Volt Typhoon G1017
이 그룹을 다룬 REVELARE 한국어 분석 2편 · 사용 기법 81개 · 별칭 BRONZE SILHOUETTE, Vanguard Panda, DEV-0391
이 그룹을 다룬 분석
주요 사용 기법
- T1005Data from Local System
- T1006Direct Volume Access
- T1007System Service Discovery
- T1010Application Window Discovery
- T1012Query Registry
- T1016System Network Configuration Discovery
- T1018Remote System Discovery
- T1033System Owner/User Discovery
- T1046Network Service Discovery
- T1047Windows Management Instrumentation
- T1049System Network Connections Discovery
- T1057Process Discovery
- T1068Exploitation for Privilege Escalation
- T1069Permission Groups Discovery
- T1074Data Staged
- T1078Valid Accounts
- T1083File and Directory Discovery
- T1090Proxy
- T1105Ingress Tool Transfer
- T1112Modify Registry
MITRE 공식 정의
[Volt Typhoon](https://attack.mitre.org/groups/G1017) is a People's Republic of China (PRC) state-sponsored actor that has been active since at least 2021, primarily targeting critical infrastructure organizations in the US and its territories including Guam. [Volt Typhoon](https://attack.mitre.org/groups/G1017)'s targeting and pattern of behavior have been assessed as pre-positioning to enable lateral movement to operational technology (OT) assets for potential destructive o…