Chinese Cyber Operatives Target Drone Industry through Supply Chain Assaults

A notable Chinese threat actor has been identified as disrupting the drone supply chain through a series of multi-wave attacks against various organizations in Taiwan and South Korea, according to findings from Trend Micro. This group, referred to as Earth Ammit, is believed to be associated with Chinese Advanced Persistent Threat (APT) groups.

Between 2023 and 2024, Earth Ammit has executed two significant attack campaigns aimed at a range of organizations. The group’s activities highlight a calculated effort to compromise supply chain integrity within the drone manufacturing sector, indicating a sophisticated level of operational planning and execution.

The threat landscape in this sector remains volatile, with targeted attacks increasingly focused on disrupting critical supply chains. Organizations in Taiwan and South Korea must enhance their cybersecurity measures and remain vigilant against such evolving threats, ensuring they are prepared to mitigate potential risks associated with these types of advanced persistent threats.

The implications of these attacks extend beyond immediate operational disruptions, as they pose significant risks to national security and international trade. Organizations are urged to implement robust security protocols, share threat intelligence, and foster collaborations to strengthen their defenses against such state-sponsored cyber activities.

Overall, the ongoing activities of Earth Ammit exemplify the increasing complexity and sophistication of cyber threats, necessitating a proactive and comprehensive response strategy across affected industries.