THREAT ACTOR: Black Vine
China-backed Black Vine is targeting multiple industries including energy, aerospace and healthcare. The most prominent attack to date from Black Vine occurred when healthcare provider, Anthem, suffered a breach and over 80 million records ended up stolen. That attack came to light when an administrator noticed multiple queries running from the account, but someone else had executed the queries. That discovery of the database queries soon led Anthem to realize it was under attack from an advanced cyber espionage group.