Nation-State Threats

Google and Mandiant exposed UNC2814, a China-nexus threat actor that used a novel backdoor called GRIDTIDE to abuse Google Sheets as command-and-control infrastructure, breaching telecoms and government agencies across three continents since at least 2017.

A hardcoded-credential flaw in Dell RecoverPoint rated CVSS 10.0 let Chinese spies deploy three malware families and hide inside VMware infrastructure since mid-2024.

Binding Operational Directive 26-02 gives agencies 18 months to inventory and replace end-of-life firewalls, routers, and switches that advanced threat actors are actively exploiting.