<html xmlns:v="urn:schemas-microsoft-com:vml" xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" xmlns="http://www.w3.org/TR/REC-html40">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=us-ascii">
<meta name="Generator" content="Microsoft Word 15 (filtered medium)">
<!--[if !mso]><style>v\:* {behavior:url(#default#VML);}
o\:* {behavior:url(#default#VML);}
w\:* {behavior:url(#default#VML);}
.shape {behavior:url(#default#VML);}
</style><![endif]--><style><!--
/* Font Definitions */
@font-face
        {font-family:"Cambria Math";
        panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
        {font-family:Calibri;
        panose-1:2 15 5 2 2 2 4 3 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
        {margin:0in;
        margin-bottom:.0001pt;
        font-size:11.0pt;
        font-family:"Calibri",sans-serif;}
a:link, span.MsoHyperlink
        {mso-style-priority:99;
        color:#0563C1;
        text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
        {mso-style-priority:99;
        color:#954F72;
        text-decoration:underline;}
p.msonormal0, li.msonormal0, div.msonormal0
        {mso-style-name:msonormal;
        mso-margin-top-alt:auto;
        margin-right:0in;
        mso-margin-bottom-alt:auto;
        margin-left:0in;
        font-size:12.0pt;
        font-family:"Times New Roman",serif;}
span.EmailStyle18
        {mso-style-type:personal;
        font-family:"Calibri",sans-serif;
        color:windowtext;}
span.EmailStyle19
        {mso-style-type:personal;
        font-family:"Calibri",sans-serif;
        color:#1F497D;}
span.EmailStyle20
        {mso-style-type:personal-reply;
        font-family:"Calibri",sans-serif;
        color:#1F497D;}
.MsoChpDefault
        {mso-style-type:export-only;
        font-size:10.0pt;}
@page WordSection1
        {size:8.5in 11.0in;
        margin:1.0in 1.0in 1.0in 1.0in;}
div.WordSection1
        {page:WordSection1;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]-->
</head>
<body lang="EN-US" link="#0563C1" vlink="#954F72">
<div class="WordSection1">
<p class="MsoNormal"><span style="color:#1F497D">For Your Situational Awareness (FYSA)<o:p></o:p></span></p>
<p class="MsoNormal"><span style="color:#1F497D"><o:p> </o:p></span></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal"><b><i><span style="font-size:12.0pt;color:red">INTENDED FOR WIDEST DISTRIBUTION  <o:p></o:p></span></i></b></p>
<p class="MsoNormal"><span style="font-size:12.0pt;color:red"><o:p> </o:p></span></p>
<p class="MsoNormal"><span style="font-size:12.0pt;color:black">Critical Infrastructure Partners, <o:p></o:p></span></p>
<p class="MsoNormal" style="mso-margin-top-alt:0in;margin-right:9.15pt;margin-bottom:0in;margin-left:2.0pt;margin-bottom:.0001pt;punctuation-wrap:simple;text-autospace:none">
<span style="font-size:12.0pt"><o:p> </o:p></span></p>
<p class="MsoNormal" style="mso-margin-top-alt:0in;margin-right:9.15pt;margin-bottom:0in;margin-left:2.0pt;margin-bottom:.0001pt;punctuation-wrap:simple;text-autospace:none">
<span style="font-size:12.0pt"><o:p> </o:p></span></p>
<p class="MsoNormal" style="mso-margin-top-alt:0in;margin-right:9.15pt;margin-bottom:0in;margin-left:2.0pt;margin-bottom:.0001pt;punctuation-wrap:simple;text-autospace:none">
<span style="font-size:12.0pt">As <a href="https://www.whitehouse.gov/briefing-room/statements-releases/2021/07/19/the-united-states-joined-by-allies-and-partners-attributes-malicious-cyber-activity-and-irresponsible-state-behavior-to-the-peoples-republic-of-china/">
<span style="color:#0562C1">today’s announcement</span><span style="color:#0562C1;text-decoration:none">
</span></a><span style="color:black">from the White House indicates, the cyber threat from the People’s Republic of China (PRC) continues to evolve and poses a real risk to the nation’s critical infrastructure, as well as businesses and organizations of all
 sizes at home and around the world. The Cybersecurity and Infrastructure Security Agency (CISA), in partnership with National Security Agency (NSA) and Federal Bureau of Investigation (FBI), published new advisories to help organizations assess and harden
 their networks against malicious Chinese state-sponsored cyber actors.<o:p></o:p></span></span></p>
<p class="MsoNormal" style="punctuation-wrap:simple;text-autospace:none"><span style="font-size:12.0pt"><o:p> </o:p></span></p>
<p class="MsoNormal" style="mso-margin-top-alt:.05pt;margin-right:0in;margin-bottom:0in;margin-left:1.95pt;margin-bottom:.0001pt;punctuation-wrap:simple;text-autospace:none">
<span style="font-size:12.0pt">First, CISA, NSA, and FBI published <a href="https://us-cert.cisa.gov/ncas/alerts/aa21-200b">
<span style="color:#0562C1">a Joint Cybersecurity Advisory</span><span style="color:#0562C1;text-decoration:none">
</span></a><span style="color:black">(CSA) to detail various Chinese state- sponsored cyber techniques used to target U.S. and Allied networks. This advisory, “Chinese State-Sponsored Cyber Operations: Observed TTPs”, is a deep dive into the techniques used
 when targeting U.S. and Allied networks.<o:p></o:p></span></span></p>
<p class="MsoNormal" style="margin-top:.5pt;punctuation-wrap:simple;text-autospace:none">
<span style="font-size:12.0pt"><o:p> </o:p></span></p>
<p class="MsoNormal" style="mso-margin-top-alt:.05pt;margin-right:12.55pt;margin-bottom:0in;margin-left:2.0pt;margin-bottom:.0001pt;punctuation-wrap:simple;text-autospace:none">
<span style="font-size:12.0pt">Second, CISA and FBI published a <a href="https://us-cert.cisa.gov/ncas/alerts/aa21-200a">
<span style="color:#0562C1">Joint Cybersecurity Advisory</span><span style="color:#0562C1;text-decoration:none">
</span></a><span style="color:black">on a Chinese Advanced Persistent Threat (APT) group known in open-source reporting as APT40. This advisory provides APT40’s tactics, techniques, and procedures (TTPs) and indicators of compromise (IOCs) to help cybersecurity
 practitioners identify and remediate APT40 intrusions and established footholds. This accompanies action by the U.S. Department of Justice (DOJ) today with
<a href="https://www.justice.gov/opa/pr/four-chinese-nationals-working-ministry-state-security-charged-global-computer-intrusion">
<span style="color:#0562C1">unsealing indictment</span></a>s against four APT40 cyber actors for their illicit computer network exploitation (CNE) activities via front company Hainan Xiandun Technology Development Company (Hainan Xiandun).<o:p></o:p></span></span></p>
<p class="MsoNormal" style="margin-top:.55pt;punctuation-wrap:simple;text-autospace:none">
<span style="font-size:12.0pt"><o:p> </o:p></span></p>
<p class="MsoNormal" style="mso-margin-top-alt:0in;margin-right:9.15pt;margin-bottom:0in;margin-left:2.0pt;margin-bottom:.0001pt;punctuation-wrap:simple;text-autospace:none">
<span style="font-size:12.0pt">Third, “<a href="https://www.cisa.gov/publication/chinese-cyber-threat-overview-leaders"><span style="color:#0562C1">CISA Insights: Chinese Cyber Threat Overview for Leaders</span></a><span style="color:black">” is a joint analysis
 from CISA, FBI, and NSA that provides recommendations to organizational public and private sector leadership to reduce the risk of cyber espionage and data theft from Chinese state-sponsored cyber actors. Chinese state-sponsored cyber actors aggressively target
 U.S. and Allied political, economic, military, educational, and critical infrastructure (CI) personnel and organizations to steal sensitive data, emerging and key technology, intellectual property, and personally identifiable information (PII).<o:p></o:p></span></span></p>
<p class="MsoNormal" style="punctuation-wrap:simple;text-autospace:none"><span style="font-size:12.0pt"><o:p> </o:p></span></p>
<p class="MsoNormal" style="mso-margin-top-alt:0in;margin-right:9.15pt;margin-bottom:0in;margin-left:2.0pt;margin-bottom:.0001pt;punctuation-wrap:simple;text-autospace:none">
<span style="font-size:12.0pt">CISA also encourages users and administrators to review the blog post,
<a href="https://www.cisa.gov/blog/2021/07/19/safeguarding-critical-infrastructure-against-threats-peoples-republic-china">
<span style="color:#0562C1">Safeguarding Critical Infrastructure</span></a><span style="color:#0562C1">
<a href="https://www.cisa.gov/blog/2021/07/19/safeguarding-critical-infrastructure-against-threats-peoples-republic-china">
<span style="color:#0562C1">against Threats from the People’s Republic of China</span><span style="color:black;text-decoration:none">,
</span></a></span><span style="color:black">by CISA Executive Assistant Director Eric Goldstein and the
<a href="http://www.us-cert.cisa.gov/china"><span style="color:#0562C1">China Cyber Threat Overview and Advisories</span><span style="color:#0562C1;text-decoration:none">
</span></a>webpage.<o:p></o:p></span></span></p>
<p class="MsoNormal" style="punctuation-wrap:simple;text-autospace:none"><span style="font-size:12.0pt"><o:p> </o:p></span></p>
<p class="MsoNormal" style="mso-margin-top-alt:2.95pt;margin-right:0in;margin-bottom:0in;margin-left:2.0pt;margin-bottom:.0001pt;punctuation-wrap:simple;text-autospace:none">
<span style="font-size:12.0pt">CISA continues to work with our partners – both at home and abroad – to assess and identify malicious cyber activity by state-sponsored or criminals and provide the actionable information to our partners so they can protect their
 organization.<o:p></o:p></span></p>
<p class="MsoNormal" style="mso-margin-top-alt:2.4pt;margin-right:0in;margin-bottom:0in;margin-left:2.0pt;margin-bottom:.0001pt;punctuation-wrap:simple;text-autospace:none">
<span style="font-size:12.0pt;color:#333333"><o:p> </o:p></span></p>
<p class="MsoNormal" style="mso-margin-top-alt:2.4pt;margin-right:0in;margin-bottom:0in;margin-left:2.0pt;margin-bottom:.0001pt;punctuation-wrap:simple;text-autospace:none">
<span style="font-size:12.0pt;color:#333333">We encourage you to share this information widely.<o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-size:12.0pt"><o:p> </o:p></span></p>
<p class="MsoNormal"><span style="font-size:12.0pt">Respectfully,<o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-size:12.0pt"><o:p> </o:p></span></p>
<p class="MsoNormal"><span style="font-size:12.0pt;color:#201F1E">Cybersecurity and Infrastructure Security Agency</span><span style="font-size:12.0pt;color:black"><o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-size:12.0pt;color:#201F1E">Department of Homeland Security</span><span style="font-size:12.0pt;color:black"><o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-size:12.0pt;color:#201F1E"><a href="mailto:Sector.Partnership@CISA.DHS.GOV">Sector.Partnership@CISA.DHS.GOV</a>
</span><span style="font-size:12.0pt;color:black"><o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-size:12.0pt;color:black"><o:p> </o:p></span></p>
<p class="MsoNormal"><span style="font-size:12.0pt"><img border="0" width="57" height="57" style="width:.5972in;height:.5972in" id="Picture_x0020_3" src="cid:image001.jpg@01D77C93.C190FBA0"><o:p></o:p></span></p>
<p class="MsoNormal"><o:p> </o:p></p>
</div>
</body>
</html>