{"id":8753,"date":"2025-12-11T09:13:22","date_gmt":"2025-12-11T14:13:22","guid":{"rendered":"https:\/\/www.vdh.virginia.gov\/drinking-water\/?p=8753"},"modified":"2025-12-11T09:13:22","modified_gmt":"2025-12-11T14:13:22","slug":"brickstorm-backdoor-cisa-alert","status":"publish","type":"post","link":"https:\/\/www.vdh.virginia.gov\/drinking-water\/2025\/12\/11\/brickstorm-backdoor-cisa-alert\/","title":{"rendered":"BRICKSTORM Backdoor CISA Alert"},"content":{"rendered":"<p>The Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA), and Canadian Centre\u00a0for Cyber Security (Cyber Centre) assess People\u2019s Republic of China (PRC) state-sponsored cyber actors are using\u00a0BRICKSTORM malware for long-term persistence on victim systems. CISA, NSA, and Cyber Centre are releasing this Malware Analysis Report to share indicators of compromise (IOCs) and detection signatures based off analysis of eight BRICKSTORM samples. CISA, NSA, and Cyber Centre urge organizations to use the IOCs and detection signatures to identify BRICKSTORM malware samples.<\/p>\n<p>More information on the alert can be found on the CISA website <a href=\"https:\/\/www.cisa.gov\/news-events\/analysis-reports\/ar25-338a\">here.<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>The Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA), and Canadian Centre\u00a0for Cyber Security (Cyber Centre) assess People\u2019s Republic of China (PRC) state-sponsored cyber actors are using\u00a0BRICKSTORM malware for long-term persistence on victim systems. CISA, NSA, and Cyber Centre are releasing this Malware Analysis Report to share indicators of compromise (IOCs) and detection [&hellip;]<\/p>\n","protected":false},"author":646,"featured_media":8676,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_lmt_disableupdate":"","_lmt_disable":"","footnotes":""},"categories":[21],"tags":[],"class_list":["post-8753","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity"],"modified_by":"matthewframe","yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.3 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>BRICKSTORM Backdoor CISA Alert - Drinking Water<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.vdh.virginia.gov\/drinking-water\/2025\/12\/11\/brickstorm-backdoor-cisa-alert\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"BRICKSTORM Backdoor CISA Alert - Drinking Water\" \/>\n<meta property=\"og:description\" content=\"The Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA), and Canadian Centre\u00a0for Cyber Security (Cyber Centre) assess People\u2019s Republic of China (PRC) state-sponsored cyber actors are using\u00a0BRICKSTORM malware for long-term persistence on victim systems. CISA, NSA, and Cyber Centre are releasing this Malware Analysis Report to share indicators of compromise (IOCs) and detection [&hellip;]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.vdh.virginia.gov\/drinking-water\/2025\/12\/11\/brickstorm-backdoor-cisa-alert\/\" \/>\n<meta property=\"og:site_name\" content=\"Drinking Water\" \/>\n<meta property=\"article:published_time\" content=\"2025-12-11T14:13:22+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.vdh.virginia.gov\/content\/uploads\/sites\/14\/istockphoto-1345304217-612x612-1.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"612\" \/>\n\t<meta property=\"og:image:height\" content=\"490\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"matthewframe\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"matthewframe\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.vdh.virginia.gov\\\/drinking-water\\\/2025\\\/12\\\/11\\\/brickstorm-backdoor-cisa-alert\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.vdh.virginia.gov\\\/drinking-water\\\/2025\\\/12\\\/11\\\/brickstorm-backdoor-cisa-alert\\\/\"},\"author\":{\"name\":\"matthewframe\",\"@id\":\"https:\\\/\\\/www.vdh.virginia.gov\\\/drinking-water\\\/#\\\/schema\\\/person\\\/03305682d0faf3ed41e138fada913c53\"},\"headline\":\"BRICKSTORM Backdoor CISA Alert\",\"datePublished\":\"2025-12-11T14:13:22+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.vdh.virginia.gov\\\/drinking-water\\\/2025\\\/12\\\/11\\\/brickstorm-backdoor-cisa-alert\\\/\"},\"wordCount\":102,\"image\":{\"@id\":\"https:\\\/\\\/www.vdh.virginia.gov\\\/drinking-water\\\/2025\\\/12\\\/11\\\/brickstorm-backdoor-cisa-alert\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.vdh.virginia.gov\\\/content\\\/uploads\\\/sites\\\/14\\\/istockphoto-1345304217-612x612-1.jpg\",\"articleSection\":[\"Cybersecurity\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.vdh.virginia.gov\\\/drinking-water\\\/2025\\\/12\\\/11\\\/brickstorm-backdoor-cisa-alert\\\/\",\"url\":\"https:\\\/\\\/www.vdh.virginia.gov\\\/drinking-water\\\/2025\\\/12\\\/11\\\/brickstorm-backdoor-cisa-alert\\\/\",\"name\":\"BRICKSTORM Backdoor CISA Alert - Drinking Water\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.vdh.virginia.gov\\\/drinking-water\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.vdh.virginia.gov\\\/drinking-water\\\/2025\\\/12\\\/11\\\/brickstorm-backdoor-cisa-alert\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.vdh.virginia.gov\\\/drinking-water\\\/2025\\\/12\\\/11\\\/brickstorm-backdoor-cisa-alert\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.vdh.virginia.gov\\\/content\\\/uploads\\\/sites\\\/14\\\/istockphoto-1345304217-612x612-1.jpg\",\"datePublished\":\"2025-12-11T14:13:22+00:00\",\"author\":{\"@id\":\"https:\\\/\\\/www.vdh.virginia.gov\\\/drinking-water\\\/#\\\/schema\\\/person\\\/03305682d0faf3ed41e138fada913c53\"},\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.vdh.virginia.gov\\\/drinking-water\\\/2025\\\/12\\\/11\\\/brickstorm-backdoor-cisa-alert\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.vdh.virginia.gov\\\/drinking-water\\\/2025\\\/12\\\/11\\\/brickstorm-backdoor-cisa-alert\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.vdh.virginia.gov\\\/drinking-water\\\/2025\\\/12\\\/11\\\/brickstorm-backdoor-cisa-alert\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.vdh.virginia.gov\\\/content\\\/uploads\\\/sites\\\/14\\\/istockphoto-1345304217-612x612-1.jpg\",\"contentUrl\":\"https:\\\/\\\/www.vdh.virginia.gov\\\/content\\\/uploads\\\/sites\\\/14\\\/istockphoto-1345304217-612x612-1.jpg\",\"width\":612,\"height\":490,\"caption\":\"Computer with exclamation mark. Alert notification. Illustration vector\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.vdh.virginia.gov\\\/drinking-water\\\/2025\\\/12\\\/11\\\/brickstorm-backdoor-cisa-alert\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.vdh.virginia.gov\\\/drinking-water\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"BRICKSTORM Backdoor CISA Alert\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.vdh.virginia.gov\\\/drinking-water\\\/#website\",\"url\":\"https:\\\/\\\/www.vdh.virginia.gov\\\/drinking-water\\\/\",\"name\":\"Drinking Water\",\"description\":\"To promote and protect the health of all Virginians\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.vdh.virginia.gov\\\/drinking-water\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.vdh.virginia.gov\\\/drinking-water\\\/#\\\/schema\\\/person\\\/03305682d0faf3ed41e138fada913c53\",\"name\":\"matthewframe\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/a991f19951831d50c4aab5d32fb14ef129dd9a34323680623a344061536afbdd?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/a991f19951831d50c4aab5d32fb14ef129dd9a34323680623a344061536afbdd?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/a991f19951831d50c4aab5d32fb14ef129dd9a34323680623a344061536afbdd?s=96&d=mm&r=g\",\"caption\":\"matthewframe\"},\"url\":\"https:\\\/\\\/www.vdh.virginia.gov\\\/drinking-water\\\/author\\\/matthewframe\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"BRICKSTORM Backdoor CISA Alert - Drinking Water","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.vdh.virginia.gov\/drinking-water\/2025\/12\/11\/brickstorm-backdoor-cisa-alert\/","og_locale":"en_US","og_type":"article","og_title":"BRICKSTORM Backdoor CISA Alert - Drinking Water","og_description":"The Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA), and Canadian Centre\u00a0for Cyber Security (Cyber Centre) assess People\u2019s Republic of China (PRC) state-sponsored cyber actors are using\u00a0BRICKSTORM malware for long-term persistence on victim systems. CISA, NSA, and Cyber Centre are releasing this Malware Analysis Report to share indicators of compromise (IOCs) and detection [&hellip;]","og_url":"https:\/\/www.vdh.virginia.gov\/drinking-water\/2025\/12\/11\/brickstorm-backdoor-cisa-alert\/","og_site_name":"Drinking Water","article_published_time":"2025-12-11T14:13:22+00:00","og_image":[{"width":612,"height":490,"url":"https:\/\/www.vdh.virginia.gov\/content\/uploads\/sites\/14\/istockphoto-1345304217-612x612-1.jpg","type":"image\/jpeg"}],"author":"matthewframe","twitter_card":"summary_large_image","twitter_misc":{"Written by":"matthewframe"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.vdh.virginia.gov\/drinking-water\/2025\/12\/11\/brickstorm-backdoor-cisa-alert\/#article","isPartOf":{"@id":"https:\/\/www.vdh.virginia.gov\/drinking-water\/2025\/12\/11\/brickstorm-backdoor-cisa-alert\/"},"author":{"name":"matthewframe","@id":"https:\/\/www.vdh.virginia.gov\/drinking-water\/#\/schema\/person\/03305682d0faf3ed41e138fada913c53"},"headline":"BRICKSTORM Backdoor CISA Alert","datePublished":"2025-12-11T14:13:22+00:00","mainEntityOfPage":{"@id":"https:\/\/www.vdh.virginia.gov\/drinking-water\/2025\/12\/11\/brickstorm-backdoor-cisa-alert\/"},"wordCount":102,"image":{"@id":"https:\/\/www.vdh.virginia.gov\/drinking-water\/2025\/12\/11\/brickstorm-backdoor-cisa-alert\/#primaryimage"},"thumbnailUrl":"https:\/\/www.vdh.virginia.gov\/content\/uploads\/sites\/14\/istockphoto-1345304217-612x612-1.jpg","articleSection":["Cybersecurity"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.vdh.virginia.gov\/drinking-water\/2025\/12\/11\/brickstorm-backdoor-cisa-alert\/","url":"https:\/\/www.vdh.virginia.gov\/drinking-water\/2025\/12\/11\/brickstorm-backdoor-cisa-alert\/","name":"BRICKSTORM Backdoor CISA Alert - Drinking Water","isPartOf":{"@id":"https:\/\/www.vdh.virginia.gov\/drinking-water\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.vdh.virginia.gov\/drinking-water\/2025\/12\/11\/brickstorm-backdoor-cisa-alert\/#primaryimage"},"image":{"@id":"https:\/\/www.vdh.virginia.gov\/drinking-water\/2025\/12\/11\/brickstorm-backdoor-cisa-alert\/#primaryimage"},"thumbnailUrl":"https:\/\/www.vdh.virginia.gov\/content\/uploads\/sites\/14\/istockphoto-1345304217-612x612-1.jpg","datePublished":"2025-12-11T14:13:22+00:00","author":{"@id":"https:\/\/www.vdh.virginia.gov\/drinking-water\/#\/schema\/person\/03305682d0faf3ed41e138fada913c53"},"breadcrumb":{"@id":"https:\/\/www.vdh.virginia.gov\/drinking-water\/2025\/12\/11\/brickstorm-backdoor-cisa-alert\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.vdh.virginia.gov\/drinking-water\/2025\/12\/11\/brickstorm-backdoor-cisa-alert\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.vdh.virginia.gov\/drinking-water\/2025\/12\/11\/brickstorm-backdoor-cisa-alert\/#primaryimage","url":"https:\/\/www.vdh.virginia.gov\/content\/uploads\/sites\/14\/istockphoto-1345304217-612x612-1.jpg","contentUrl":"https:\/\/www.vdh.virginia.gov\/content\/uploads\/sites\/14\/istockphoto-1345304217-612x612-1.jpg","width":612,"height":490,"caption":"Computer with exclamation mark. Alert notification. Illustration vector"},{"@type":"BreadcrumbList","@id":"https:\/\/www.vdh.virginia.gov\/drinking-water\/2025\/12\/11\/brickstorm-backdoor-cisa-alert\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.vdh.virginia.gov\/drinking-water\/"},{"@type":"ListItem","position":2,"name":"BRICKSTORM Backdoor CISA Alert"}]},{"@type":"WebSite","@id":"https:\/\/www.vdh.virginia.gov\/drinking-water\/#website","url":"https:\/\/www.vdh.virginia.gov\/drinking-water\/","name":"Drinking Water","description":"To promote and protect the health of all Virginians","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.vdh.virginia.gov\/drinking-water\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/www.vdh.virginia.gov\/drinking-water\/#\/schema\/person\/03305682d0faf3ed41e138fada913c53","name":"matthewframe","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/a991f19951831d50c4aab5d32fb14ef129dd9a34323680623a344061536afbdd?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/a991f19951831d50c4aab5d32fb14ef129dd9a34323680623a344061536afbdd?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/a991f19951831d50c4aab5d32fb14ef129dd9a34323680623a344061536afbdd?s=96&d=mm&r=g","caption":"matthewframe"},"url":"https:\/\/www.vdh.virginia.gov\/drinking-water\/author\/matthewframe\/"}]}},"_links":{"self":[{"href":"https:\/\/www.vdh.virginia.gov\/drinking-water\/wp-json\/wp\/v2\/posts\/8753","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.vdh.virginia.gov\/drinking-water\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.vdh.virginia.gov\/drinking-water\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.vdh.virginia.gov\/drinking-water\/wp-json\/wp\/v2\/users\/646"}],"replies":[{"embeddable":true,"href":"https:\/\/www.vdh.virginia.gov\/drinking-water\/wp-json\/wp\/v2\/comments?post=8753"}],"version-history":[{"count":1,"href":"https:\/\/www.vdh.virginia.gov\/drinking-water\/wp-json\/wp\/v2\/posts\/8753\/revisions"}],"predecessor-version":[{"id":8754,"href":"https:\/\/www.vdh.virginia.gov\/drinking-water\/wp-json\/wp\/v2\/posts\/8753\/revisions\/8754"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.vdh.virginia.gov\/drinking-water\/wp-json\/wp\/v2\/media\/8676"}],"wp:attachment":[{"href":"https:\/\/www.vdh.virginia.gov\/drinking-water\/wp-json\/wp\/v2\/media?parent=8753"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.vdh.virginia.gov\/drinking-water\/wp-json\/wp\/v2\/categories?post=8753"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.vdh.virginia.gov\/drinking-water\/wp-json\/wp\/v2\/tags?post=8753"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}