Ironically, the hacker groups that you should be afraid of also have the least intimidating names. Deep Panda, Putter Panda, and Flying Kitten have been listed by security technology firm CrowdStrike as the groups to watch out for. While they may seem cuddly, these hackers continue to be some of the most dangerous in the world.
CrowdStrike is monitoring over 70 different hacker groups from around the world, most of which are based in China, Russia, and Iran. Many have ties to nationalist activist groups that are specifically seeking data on corporate America.
Here are a few of the most prominent hacker groups you should know about:
Deep Panda
CrowdStrike has deemed Deep Panda one of the most advanced Chinese cyber intrusion groups active today. This group has been known to target national security think tanks, infiltrating the defense and telecommunications industries of foreign countries. CrowdStrike believes the group operates on behalf of the Chinese government.
In early July, CrowdStrike reported the group had shifted its sights to individuals with a tie to Iraq and the Middle East. That makes sense since China is Iraq’s largest foreign oil investor.
Putter Panda
Active since 2007, Putter Panda primarily targets the American and European defense and aerospace industries. The group is based out of Shanghai and has been linked to the Chinese military, due to the fact that the hackers reportedly work from buildings belonging to the People’s Liberation Army (PLA), the military of the People’s Republic of China.
In May, the US government filed a criminal indictment against members of Putter Panda (also known as PLA Unit 61398). China continued to deny its military had ever engaged in cyber theft. However, CrowdStrike subsequently released documents that purported to show evidence of Putter Panda’s illegal hacking, IT News reported.
Flying Kitten
This Iran-based hacker group has been on CrowdStrike’s radar since mid-January, and is best known for targeting multiple US-based defense contractors and Iranian political dissidents. Formerly known as the Ajax Security Team, this group has shifted its sights from hacktivism to cyber espionage and targeted attacks, InformationWeek has reported.
According to CrowdStrike, the group began targeting the defense industry earlier this year, using spearphishing emails and spoofed Microsoft Outlook Web Access pages to infiltrate the accounts of defense contractors. InformationWeek reports that the group also lured in Iranian dissidents using anti-censorship tools that had been infected with malware.
This targeting may imply that Flying Kitten is either an Iranian government entity or some private actor hired by Iran’s government to take down agitators.
What’s In Store
In its 2013 Global Threat Report, released in January, CrowdStrike predicted this kind of third-party targeting will continue, especially with events like the G20 Summit and midterm elections both coming up this November.
CrowdStrike CTO and co-founder Dmitri Alperovitch confirmed by phone that these groups, as well as others identified in the Global Threat Report (including Magic Kitten, Emissary Panda, and Deadeye Jackal), continue to pose an active cybersecurity threat.
These groups are also highly skilled and very sophisticated. “These are organized criminal groups that by some accounts have the same abilities that nation-states have,” Marcus Christian, a criminal defense attorney whose practice focuses on the intersection of cybersecurity and white collar crime, told Business Insider. “They are very streamlined in terms of their responsibilities, and often take old exploits and use them in new ways.”