Security researchers have many names for the hacking group that is one of the suspects for the cyberattack on the US government’s Office of Personnel Management: PinkPanther, KungFu Kittens, Group 72 and, most famously, Deep Panda.
However, to Jared Myers and colleagues at cybersecurity company RSA, it is called Shell Crew, and Myers’ team is one of the few that have watched it mid-assault and eventually repulsed it.
Myers’ account of a months-long battle with the group illustrates the challenges governments and companies face in defending against hackers that researchers believe are linked to the Chinese government — a charge Beijing denies.
“The Shell Crew is an extremely efficient and talented group,” Myers said in an interview.
Shell Crew, or Deep Panda, is one of several hacking groups that Western cybersecurity companies have accused of hacking into US and other countries’ networks and stealing government, defense and industrial documents.
The attack on the OPM computers, revealed this month, compromised the data of 4 million current and former federal employees, raising US suspicions that Chinese hackers were building huge databases that could be used to recruit spies.
China has denied any connection with such attacks and little is known about the identities of those involved in them. However, cybersecurity experts are starting to learn more about their methods.
Researchers have connected the OPM breach to an earlier attack on US healthcare insurer Anthem Inc, which has been blamed on Deep Panda.
Myers says his team has no evidence that Shell Crew were behind the OPM attack, but believes Shell Crew and Deep Panda are the same group. And they are no newcomers to cyberespionage.
CrowdStrike, the cybersecurity company that gave Deep Panda its name due to its perceived Chinese links, traces the group’s activities to 2011, when it launched attacks on defense, energy and chemical industries in the US and Japan, but few have caught the group in the act.