US Cyber Command · Example Payload

Uscybercom Threat Actor Example

A sophisticated threat actor conducting espionage and destructive cyberattacks.

CybersecurityFederal GovernmentMilitaryThreat IntelligenceDefense

Uscybercom Threat Actor Example is an example object payload from US Cyber Command, with 11 top-level fields. It illustrates the shape of data this provider's APIs accept or return.

Top-level fields

actor_idnamealternative_namesnation_state_sponsorsponsoring_agencyprimary_motivationtargeted_sectorsmalware_familiesfirst_observedmitre_group_iddescription

Example Payload

uscybercom-threat-actor-example.json Raw ↑ 
{
  "actor_id": "CNMF-TA-RU-001",
  "name": "Sandworm",
  "alternative_names": [
    "USCYBERCOM",
    "CISA",
    "NSA"
  ],
  "nation_state_sponsor": "Iran",
  "sponsoring_agency": "Russian GRU Unit 74455",
  "primary_motivation": "Destructive Attacks",
  "targeted_sectors": [
    "USCYBERCOM",
    "CISA",
    "NSA"
  ],
  "malware_families": [
    "USCYBERCOM",
    "CISA",
    "NSA"
  ],
  "first_observed": "2025-07-14",
  "mitre_group_id": "G0034",
  "description": "A sophisticated threat actor conducting espionage and destructive cyberattacks."
}