VERY IMPORTANT

MONSOON is the name given to the Forcepoint Security Labs™ investigation into an ongoing espionage campaign that the Special Investigations team have been tracking and analysing since May 2016. The overarching campaign appears to target both Chinese nationals within different industries and government agencies in Southern Asia. It appears to have started in December 2015 and is still ongoing as of July 2016. Amongst the evidence gathered during the MONSOON investigation were a number of indicators which make it highly probable1 that this adversary and the OPERATION HANGOVER adversary are one and the same. These indicator include the use of the same infrastructure for the attacks, similar Tactics, Techniques and Procedures (TTPs), the targeting of demographically similar victims and operating geographically within the Indian Subcontinent