STORM-1849
| Actor Type | Nation State |
|---|---|
| Directly Linked Intrusion Sets | UAT4356 |
STORM-1849 is an intrusion set designated by Microsoft Threat Intelligence Center. According to reporting, STORM-1849 has a focus on espionage that demonstrates the advanced capabilities and persistence of a sophisticated nation-state sponsored actor.
The group has been observed by researchers as Cisco Talos compromising perimeter network devices, specifically Cisco ASA firewalls. STORM-1849 has also demonstrated an interest in Microsoft Exchange servers and network devices from other vendors.
Cyber Threat Graph Context
Explore how this Intrusion Set relates to the wider threat graph