
Explore what sets RedLegg apart with our Cyber Threat Intelligence Team's in-depth analysis of Silk Typhoon. Learn what to look for and the MITRE ATT&CK techniques.
| TABLE OF CONTENTS |
| EXECUTIVE SUMMARY |
| TACTIC: INITIAL ACCESS – TA0001 |
| OBSERVABLES TABLE |
| MITRE ATT&CK TECHNIQUES |
| DETECTION CAPABILITIES |
| TACTIC: EXECUTION – TA0002 |
| OBSERVABLES TABLE |
| MITRE ATT&CK TECHNIQUES |
| DETECTION CAPABILITIES |
| TACTIC: PERSISTENCE – TA0003 |
| OBSERVABLES TABLE |
| MITRE ATT&CK TECHNIQUES |
| DETECTION CAPABILITIES |
| TACTIC: PRIVILEGE ESCALATION – TA0004 |
| MITRE ATT&CK TECHNIQUES |
| TACTIC: DEFENSE EVASION – TA0005 |
| OBSERVABLES TABLE |
| MITRE ATT&CK TECHNIQUES |
| DETECTION CAPABILITIES |
| TACTIC: CREDENTIAL ACCESS – TA0006 |
| OBSERVABLES TABLE |
| MITRE ATT&CK TECHNIQUES |
| DETECTION CAPABILITIES |
| TACTIC: DISCOVERY – TA0007 |
| OBSERVABLES TABLE |
| MITRE ATT&CK TECHNIQUES |
| DETECTION CAPABILITIES |
| TACTIC: LATERAL MOVEMENT – TA0008 |
| DETECTION CAPABILITIES |
| TACTIC: COLLECTION – TA0009 |
| OBSERVABLES TABLE |
| MITRE ATT&CK TECHNIQUES |
| DETECTION CAPABILITIES |
| TACTIC: COMMAND AND CONTROL – TA0011 |
| MITRE ATT&CK TECHNIQUES |
| DETECTION CAPABILITIES |
| TACTIC: EXFILTRATION – TA0010 |
| MITRE ATT&CK TECHNIQUES |
| TACTIC: IMPACT – TA0040 |
| OBSERVABLES TABLE |
| MITRE ATT&CK TECHNIQUES |
| DETECTION CAPABILITIES |
| REFERENCES |