{"threat_actor":{"name":"Volt Typhoon","aliases":["BRONZE SILHOUETTE","Vanguard Panda"],"origin":"China (PRC)","targets":"US critical infrastructure — energy, water, telecom, transportation","tools":"Living-off-the-land (LOTL), ntdsutil, netsh, PowerShell","mitre_techniques":[{"id":"T1190","name":"Exploit Public-Facing Application","tactic":"Initial Access","mitre_url":"https://attack.mitre.org/techniques/T1190/"},{"id":"T1133","name":"External Remote Services","tactic":"Initial Access","mitre_url":"https://attack.mitre.org/techniques/T1133/"},{"id":"T1078","name":"Valid Accounts","tactic":"Defense Evasion, Initial Access","mitre_url":"https://attack.mitre.org/techniques/T1078/"},{"id":"T1059","name":"Command and Scripting Interpreter","tactic":"Execution","mitre_url":"https://attack.mitre.org/techniques/T1059/"},{"id":"T1027","name":"Obfuscated Files or Information","tactic":"Defense Evasion","mitre_url":"https://attack.mitre.org/techniques/T1027/"}]}}