APT12: The PRC’s Cyber Operative

By Emily Roberts, February 12, 2024

Who’s Behind It?
APT12, also known as Calc Team, is a cyber espionage group suspected of having links to the Chinese People’s Liberation Army (PLA). Their targets are aligned with the broader goals of the People’s Republic of China (PRC), focusing on sectors that are critical to national security and influence, including journalists, government entities, and the defense industrial base.

What’s Their Mission?
APT12’s operations are tightly aligned with the strategic interests of the PRC, particularly in relation to Taiwan. Their activities suggest a clear focus on gathering intelligence that supports China’s geopolitical goals. Whether it’s influencing narratives through targeted attacks on journalists or gathering sensitive military data, APT12 operates with the precision and intent of a state-sponsored actor.

Their Arsenal
APT12 is known to use a variety of malware, including RIPTIDE, HIGHTIDE, THREEBYTE, and WATERSPOUT. These tools are designed to infiltrate networks, maintain persistence, and exfiltrate data without detection. The group’s reliance on these sophisticated tools underscores their capability to carry out prolonged and highly targeted cyber espionage campaigns.

How They Get In
APT12 frequently employs phishing emails as their primary attack vector, delivering exploit documents from valid but compromised accounts. This tactic not only increases the credibility of the phishing attempt but also improves the chances of a successful intrusion. Given their history, it’s expected that APT12 will continue to use phishing as a key method for delivering malware and compromising targets.

Why This Matters to Us
At Hedgehog Security, we understand that APT12’s focus on journalists, government entities, and the defense industrial base poses a significant threat, particularly given their alignment with PRC goals. The potential for APT12 to influence narratives, gather sensitive data, and advance China’s strategic interests through cyber espionage is a serious concern for any organization in their crosshairs.

That’s why we’re here. With our SOC365 service, we don’t just monitor for threats—we actively defend against them. Our deep understanding of APT12’s tactics ensures that your organization’s defenses are robust and ready to repel even the most sophisticated attacks. We’re committed to protecting your most sensitive information and ensuring that your operations remain secure from foreign interference.

In the complex world of cybersecurity, defending against groups like APT12 requires more than just technical expertise—it demands a proactive and strategic defense. At Hedgehog Security, we’re dedicated to keeping the pricks on the outside, so your organization can operate securely and confidently, knowing that your data and strategic interests are well-protected.
