In recent years, China's role in global digital and economic systems has expanded, accompanied by a steady increase in cyber activity linked to Chinese-nexus operators.
To better understand this risk, Darktrace conducted a long-term review and threat hunt for evidence of cybersecurity incidents involving Chinese-nexus operators across its customer base over the last three years.
This review examined anomalous activity detected by Darktrace from July 2022 to September 2025. The goal of the report is to help defenders identify Chinese-nexus activity earlier, even as tools, infrastructure, and APT labels continue to change.
















