Cyber Resilience

Campaign · all campaigns

C0021C0021 unknown

aka C0021

Last updated: 2026-07-03

0attributed CVEs
26ATT&CK techniques
0.0IDF score (tooling uniqueness)
0exclusive CVEs
years active

About this actor

[C0021](https://attack.mitre.org/campaigns/C0021) was a spearphishing campaign conducted in November 2018 that targeted public sector institutions, non-governmental organizations (NGOs), educational institutions, and private-sector corporations in the oil and gas, chemical, and hospitality industries. The majority of targets were located in the US, particularly in and around Washington D.C., with other targets located in Europe, Hong Kong, India, and Canada. [C0021](https://attack.mitre.org/campaigns/C0021)'s technical artifacts, tactics, techniques, and procedures (TTPs), and targeting overlap with previous suspected [APT29](https://attack.mitre.org/groups/G0016) activity.(Citation: Microsoft Unidentified Dec 2018)(Citation: FireEye APT29 Nov 2018)

Source: MITRE ATT&CK

Activity timeline

No activity events recorded.

Profile

CVERiskCVSSEPSSPublishedProducts
No attributed CVEs.

Mitigating controls (NIST 800-53)

ControlTechniques coveredCoverage
SI-417 / 2665%
SI-316 / 2662%
CM-615 / 2658%
CM-214 / 2654%
CA-713 / 2650%
AC-411 / 2642%
CM-711 / 2642%
SC-711 / 2642%
SI-107 / 2627%
SI-27 / 2627%
SI-77 / 2627%
AC-35 / 2619%
IA-94 / 2615%
RA-54 / 2615%
SC-204 / 2615%

Co-occurring actors

None.

Similar actors

Similar TTPs