Why the 'APT' framework fails to capture modern Chinese cyber operations: The case for composite responsibility
By
Sveva Vittoria Scenarelli09 June 2026
Summary
The article analyzes the evolving nature of Chinese cyber operations, arguing that the traditional "Advanced Persistent Threat" (APT) framework is insufficient for understanding modern cyber campaigns. Using the Salt Typhoon operation against Western telecom infrastructure as a case study, the article introduces the concept of "composite responsibility" — where state-linked entities, private firms, and independent actors collaborate in complex, multi-layered cyber operations. This blurs lines of attribution and accountability, making it difficult for Western governments to respond effectively. The piece calls for a shift in how cybersecurity analysts and policymakers conceptualize and attribute cyber threats originating from China.
Source
Key quotes
· 3 pulled'These firms provide cyber-related products and services to China's intelligence services'
Cyber operations today can include anything from PLA units to companies acting independently, and often include a mix of actors, complicating attribution and response
As of mid-2026, there is still limited public information about the specific role of these three entities and their government customers in Salt Typhoon operations
You might also wanna read
APT Attack Compromises Reverse Gateway Infrastructure Through Kernel and NFS Server Malware
A detailed incident response blog post describing a sophisticated Advanced Persistent Threat (APT) attack discovered during a routine securi
Supply Chain Attacks on Open-Source Software: Case Study of Malicious Pull Request Attempts
The article discusses recent supply chain attacks on open-source software projects like LiteLLM and axios, with a specific case study of att
How U.S. Data Centers Function as Infrastructure for Military and Intelligence Operations
The article argues that U.S. data centers serve as extensions of American military power and empire, examining how tech companies like Amazo
FBI official says China's Salt Typhoon espionage campaign likely compromised data of nearly every American
An FBI cyber official stated that China's Salt Typhoon espionage campaign has likely stolen information from nearly every American through y
Satirical security incident report exposes AI defense failures at global scale
A satirical incident report detailing a catastrophic AI security failure where a malicious package bypassed seven AI-powered security gates,
Satirical security incident report exposes AI defense failures at global scale
A satirical incident report detailing a catastrophic AI security failure where a malicious package bypassed seven AI-powered security gates,
Kimsuky Leak Exposes North Korea's Credential Theft Operations and Chinese Infrastructure Links
A rare breach attributed to a North Korean-affiliated actor known as "Kim" has exposed detailed insights into Kimsuky (APT43) operations. Th
dti.domaintools.com·10mo ago
Comments
Sign in to join the conversation.
No comments yet. Be the first.