LIMINAL PANDA and the Implications of Global Telco Targeting

On Nov. 19, 2024, Adam testified in front of the U.S. Senate Judiciary Subcommittee on Privacy, Technology, and the Law on Chinese cyber threats to critical infrastructure. This was the first time he publicly spoke about LIMINAL PANDA, a China-nexus state-sponsored threat actor that has been targeting telecommunications organizations since at least 2020.

LIMINAL PANDA is a newly named adversary, but CrowdStrike has been tracking its activity for over three years. It uses custom tools and demonstrates extensive knowledge of telco networks, including the connections between providers. And it's not alone: There are multiple adversaries targeting telcos, with good reason — the access they grant, and the data they possess, is a gold mine for threat actors.

But LIMINAL PANDA’s activity does more than showcase why critical infrastructure is a valuable target. It also represents how Chinese cyber activity has evolved since the mid-2000s, when it mostly involved “smash and grab” operations. Now, China has refined its espionage operations to conduct subtle and advanced attacks targeting critical infrastructure entities around the world.

In this episode, Adam and Cristian dig deep into the discovery of LIMINAL PANDA, the maturation of Chinese cyber operations and the scary consequences of telco-focused cyberattacks. Adam shares more about his congressional testimony and the value of keeping government officials informed on adversary activity. Come for Adam and Cristian’s Thanksgiving recipes, and stay for a deep-dive on this evolving nation-state threat, in this episode of the Adversary Universe podcast.

Read Adam's testimony here: https://www.judiciary.senate.gov/committee-activity/hearings/big-hacks-and-big-tech-chinas-cybersecurity-threat