Cyber Operations Tracker
Archived: 2026-04-05 16:19:33 UTC
Cyber Operations Home
Winnti Umbrella
Date of report
May 2018
Affiliations
Axiom
This threat actor targets software companies and political organizations in the United States, China, Japan, and
South Korea. It primarily acts to support cyber operations conducted by other threat actors affiliated with Chinese
intelligence services.
Suspected victims
United States, United Kingdom, Japan, South Korea, China, Hong Kong, Universities in Hong Kong
Suspected state sponsor
China
Type of incident
Espionage
Target category
Private sector
Victim government reaction
Unknown
Read more
https://www.cfr.org/cyber-operations/winnti-umbrella
Page 1 of 3

Burning Umbrella: An Intelligence Report on the Winnti Umbrella and Associated State-Sponsored
Attackers
https://www.cfr.org/cyber-operations/winnti-umbrella
Page 2 of 3

Report: Chinese government is behind a decade of hacks on software companies
Source: https://www.cfr.org/cyber-operations/winnti-umbrella
https://www.cfr.org/cyber-operations/winnti-umbrella
Page 3 of 3