Threat Actors:

OCEANLOTUS
In the dark world of cybercrime, threat actors pose a great risk to organizations'
confidential data. This presentation will focus on OCEANLOTUS, a notorious
hacking group.

by Sirshendu Maiti
Overview of Threat Actors
1 Who are threat actors?
Individuals or groups involved in
unauthorized activities for financial
gain, political objectives, or other
motivations.
2 How do they impact businesses
and organizations?
They can cause data breaches, steal
trade secrets, disrupt critical
infrastructure and damage brand
reputation.
The Dangerous OCEANLOTUS
Introduction
OCEANLOTUS, aka APT32, is an elite
hacking group believed to be associated with
the Vietnamese government.
Tactics, Techniques, and Procedures
The group uses sophisticated and customized
malware, spear-phishing attacks, and social
engineering tactics to gain access to its targets'
networks.
Motivations and Objectives
The group targets foreign corporations,
governments, and other organizations to obtain
sensitive information to support Vietnam's
political and economic interests.
Notable Cyber Attacks and
Campaigns
OCEANLOTUS's victims include more than a
dozen multinationals, human rights
organizations, and government agencies in
Asia, Europe, and the US. Some of their
campaigns include Operation Cobalt Kitty and
Operation Skeleton Key.
Mitigation Strategies

Risk Assessment Implementation Employee Network

of Security Training Monitoring
Conduct regular
Measures
security audits and Training employees Continuous
vulnerability Implementing strong on how to identify and monitoring of the
assessments to security measures handle suspicious network can help
identify the such as multi-factor emails, phone calls identify unusual
organization's authentication, face and activities can activities and prevent
weaknesses and recognition prevent them from further damage.
potential threats. technology and access falling prey to
control systems can phishing attacks.
prevent unauthorized
access to the network.
The Evolving Threat Landscape
1 Trends in Cyber Attacks
Cyber attacks are becoming more advanced, persistent and sophisticated. Hackers use new
technologies such as AI and machine learning to carry out their attacks.

2 The Need for Proactive Security Measures

Organizations need to take a proactive approach to cybersecurity and continuously evaluate
their security measures to protect their critical assets from evolving threats.

3 The Importance of Collaboration

Cybersecurity is a global issue, and it requires a collaborative effort to combat it. Sharing of
intelligence, resources, and best practices can strengthen the overall security posture.
Conclusion: Stay Ahead of the Game
With the increasing number of cyber threats, it's essential to stay ahead of the game by keeping up with the
latest security trends and implementing appropriate mitigation strategies. Organizations that invest in
cybersecurity can avoid costly breaches and protect their reputation.