Microsoft Threat Intelligence determined that Silk Typhoon, “an espionage-focused Chinese state actor” is now targeting vulnerabilities in commercial IT solutions via stolen credentials and API keys, in addition to hacked passwords. Silk Typhoon uses the access granted by these assets to infiltrate access management and cloud services, and execute a variety of malicious activities. Microsoft Threat Intelligence provides an overview of the targeted industry sectors, an explanation of Silk Typhoon’s methods, and guidance regarding countermeasures.
