Security researchers have many names for the hacking group that is one of the suspects for the cyberattack on the US government’s Office of Personnel Management: PinkPanther, KungFu Kittens, Group 72 and, most famously, Deep Panda.
However, to Jared Myers and colleagues at cybersecurity company RSA, it is called Shell Crew, and Myers’ team is one of the few that have watched it mid-assault, and eventually repulsed it.
Myers’ account of a months-long battle with the group illustrates the challenges governments and companies face in defending against hackers that researchers believe are linked to the Chinese government — a charge Beijing denies.
“The Shell Crew is an extremely efficient and talented group,” Myers said in an interview.
Shell Crew, or Deep Panda, is one of several hacking groups that Western cybersecurity companies have accused of hacking into US and other countries’ networks and stealing government, defense and industrial documents.
The attack on the OPM computers, revealed this month, compromised the data of 4 million current and former federal employees, raising US suspicions that Chinese hackers were building huge databases that could be used to recruit spies.
China has denied any connection with such attacks and little is known about the identities of those involved in them. However, cybersecurity experts are starting to learn more about their methods.
Researchers have connected the OPM breach to an earlier attack on US healthcare insurer Anthem Inc, which has been blamed on Deep Panda.
Myers says his team has no evidence that Shell Crew were behind the OPM attack, but believes Shell Crew and Deep Panda are the same group. And they are no newcomers to cyberespionage.
CrowdStrike, the cybersecurity company that gave Deep Panda its name due to its perceived Chinese links, traces the group’s activities to 2011, when it launched attacks on defense, energy and chemical industries in the US and Japan, but few have caught the group in the act.