Via Satellite archive photo
Darktrace has released a new research report, “Crimson Echo: Understanding Chinese-nexus Cyber Tradecraft Through Behavioral Analysis” which looks at how Chinese-nexus cyber activity is evolving and the threats its poses. This is especially relevant to the space sector as more and more space companies are being targeted for cyber attacks. Darktrace revealed details of the research, April 2.
Darktrace is a key provider of AI and cybersecurity solutions. They have spoken at CyberSat previously. Darktrace’s research reveals a fundamental shift in how cyber risk should be understood. Rather than discrete incidents or short-term breaches, most nation-state operations are designed to establish persistent access to strategically important systems, positioning cyber activity as a form of long-term strategic statecraft.
Analysis of behavioral data from July 2022 to September 2025 shows that, in many cases, gaining and maintaining access, instead of immediate disruption or data theft, is the primary objective of Chinese-nexus intrusions. Darktrace says this reflects a broader evolution in cyber operations, where access to digital environments provides ongoing visibility into supply chains, industrial processes, and critical infrastructure.
The findings challenge traditional security models that focus on incidents and breach response. Instead, they point to cyber risk as a continuous, structural exposure that must be managed over time.
“Many cyber operations are no longer just about breaking in and stealing data or causing short-term disruptions, they are about staying in. What we’re seeing is a shift toward persistent access as a strategic asset. Defenders need to move beyond incident response and focus on detecting subtle behavioral changes that could indicate a long-term compromise,” Nathaniel Jones, VP of Security & AI Strategy, Darktrace, said in a statement.
