China appears to have used a secret cyber range called Expedition Cloud to rehearse attacks on replicas of neighboring countries’ critical infrastructure, according to a cache of leaked development and training files. The materials, linked to developer files from CyberPeace and obtained via an exposed FTP server, show staged reconnaissance and attack teams, strict segregation and detailed logging that could enable AI-driven automation of offensive operations.
Key points
- Leaked documents describe Expedition Cloud as a platform for practicing attacks on power, energy transmission, transportation and smart home networks.
- The cache includes source code, training materials, developer logs and malware found on an exposed FTP server, supporting experts’ confidence in its authenticity.
- The platform organizes exercises into reconnaissance and attack teams using replicated target networks and standardized “weapon images.”
- Strict network segmentation, comprehensive logging and replay capabilities allow operations to be measured, compared and refined over time.
- Researchers warn the system indicates state-sponsored intent and could enable greater use of AI to automate and accelerate offensive cyber campaigns.
Read More: https://therecord.media/leaked-china-documents-show-testing-cyber-neighbors