Cyber Resilience

Campaign · all campaigns

Operation Dust StormC0016 unknown

aka Operation Dust Storm

Last updated: 2026-07-03

1attributed CVEs
24ATT&CK techniques
4.3IDF score (tooling uniqueness)
1exclusive CVEs
2011years active

About this actor

[Operation Dust Storm](https://attack.mitre.org/campaigns/C0016) was a long-standing persistent cyber espionage campaign that targeted multiple industries in Japan, South Korea, the United States, Europe, and several Southeast Asian countries. By 2015, the [Operation Dust Storm](https://attack.mitre.org/campaigns/C0016) threat actors shifted from government and defense-related intelligence targets to Japanese companies or Japanese subdivisions of larger foreign organizations supporting Japan's critical infrastructure, including electricity generation, oil and natural gas, finance, transportation, and construction.(Citation: Cylance Dust Storm) [Operation Dust Storm](https://attack.mitre.org/campaigns/C0016) threat actors also began to use Android backdoors in their operations by 2015, with all identified victims at the time residing in Japan or South Korea.(Citation: Cylance Dust Storm)

Source: MITRE ATT&CK

Activity timeline

Profile

CVERiskCVSSEPSSPublishedProducts
CVE-2011-1255 8.00.00.92702011-06-16see CVE

Mitigating controls (NIST 800-53)

ControlTechniques coveredCoverage
SI-318 / 2475%
SI-417 / 2471%
CA-714 / 2458%
CM-214 / 2458%
CM-614 / 2458%
SI-712 / 2450%
AC-410 / 2442%
CM-710 / 2442%
SC-710 / 2442%
SI-210 / 2442%
SI-108 / 2433%
AC-67 / 2429%
CM-87 / 2429%
SC-447 / 2429%
AC-36 / 2425%

Co-occurring actors

None.

Similar actors

Active in same years