Cyber Resilience

Threat actor · all actors

POLONIUMG1005 unknown

aka POLONIUM, Plaid Rain

Last updated: 2026-07-03

0attributed CVEs
11ATT&CK techniques
0.0IDF score (tooling uniqueness)
0exclusive CVEs
years active

About this actor

[POLONIUM](https://attack.mitre.org/groups/G1005) is a Lebanon-based group that has primarily targeted Israeli organizations, including critical manufacturing, information technology, and defense industry companies, since at least February 2022. Security researchers assess [POLONIUM](https://attack.mitre.org/groups/G1005) has coordinated their operations with multiple actors affiliated with Iran’s Ministry of Intelligence and Security (MOIS), based on victim overlap as well as common techniques and tooling.(Citation: Microsoft POLONIUM June 2022)

Source: MITRE ATT&CK

Activity timeline

No activity events recorded.

Profile

CVERiskCVSSEPSSPublishedProducts
No attributed CVEs.

Mitigating controls (NIST 800-53)

ControlTechniques coveredCoverage
SC-77 / 1164%
AC-46 / 1155%
CA-75 / 1145%
CM-65 / 1145%
CM-75 / 1145%
SI-45 / 1145%
AC-34 / 1136%
SI-34 / 1136%
AC-63 / 1127%
CM-23 / 1127%
AC-22 / 1118%
AC-202 / 1118%
CA-32 / 1118%
SA-82 / 1118%
SC-282 / 1118%

Co-occurring actors

None.

Similar actors