Security researchers have many names for the hacking group that is one of the suspects for the cyberattack on the US government’s Office of Personnel Management: PinkPanther, KungFu Kittens, Group 72 and, most famously, Deep Panda.
However, to Jared Myers and colleagues at cybersecurity company RSA, it is called Shell Crew and Myers’ team is one of the few who has watched it mid-assault — and eventually repulsed it.
Myers’ account of a months-long battle with the group illustrates the challenges governments and companies face in defending against hackers that researchers believe are linked to the Chinese government — a charge Beijing denies.
Photo: Reuters
“The Shell Crew is an extremely efficient and talented group,” Myers said in an interview.
Shell Crew, or Deep Panda, is one of several hacking groups that Western cybersecurity companies have accused of hacking into US and other countries’ networks and stealing government, defense and industrial documents.
The attack on the OPM computers, revealed this month, compromised the data of 4 million current and former federal employees, raising US suspicions that Chinese hackers were building huge databases that could be used to recruit spies.
China has denied any connection with such attacks and little is known about the identities of those involved in them. However, cybersecurity experts are starting to learn more about their methods.
Researchers have connected the OPM breach to an earlier attack on US healthcare insurer Anthem Inc, which has been blamed on Deep Panda.
Myers says his team has no evidence that Shell Crew were behind the OPM attack, but believes Shell Crew and Deep Panda are the same group. And they are no newcomers to cyberespionage.
CrowdStrike, the cybersecurity company which gave Deep Panda its name due to its perceived Chinese links, traces its activities to 2011, when it launched attacks on defense, energy and chemical industries in the US and Japan, but few have caught them in the act.
The US government has signed defense cooperation agreements with Japan and the Philippines to boost the deterrence capabilities of countries in the first island chain, a report by the National Security Bureau (NSB) showed. The main countries on the first island chain include the two nations and Taiwan. The bureau is to present the report at a meeting of the legislature’s Foreign Affairs and National Defense Committee tomorrow. The US military has deployed Typhon missile systems to Japan’s Yamaguchi Prefecture and Zambales province in the Philippines during their joint military exercises. It has also installed NMESIS anti-ship systems in Japan’s Okinawa
TRAGEDY STRIKES TAIPEI: The suspect died after falling off a building after he threw smoke grenades into Taipei Main Station and went on a killing spree in Zhongshan A 27-year-old suspect allegedly threw smoke grenades in Taipei Main Station and then proceeded to Zhongshan MRT Station in a random killing spree that resulted in the death of the suspect and two other civilians, and seven injured, including one in critical condition, as of press time last night. The suspect, identified as a man surnamed Chang Wen (張文), allegedly began the attack at Taipei Main Station, the Taipei Fire Department said, adding that it received a report at 5:24pm that smoke grenades had been thrown in the station. One man in his 50s was rushed to hospital after a cardiac arrest
PUBLIC SAFETY: The premier said that security would be tightened in transport hubs, while President Lai commended the public for their bravery The government is to deploy more police, including rapid response units, in crowded public areas to ensure a swift response to any threats, President William Lai (賴清德) said yesterday after a knife attack killed three people and injured 11 in Taipei the previous day. Lai made the remarks following a briefing by the National Police Agency on the progress of the investigation, saying that the attack underscored the importance of cooperation in public security between the central and local governments. The attack unfolded in the early evening on Friday around Taipei Main Station’s M7 exit and later near the Taipei MRT’s Zhongshan
ON ALERT: Taiwan’s partners would issue warnings if China attempted to use Interpol to target Taiwanese, and the global body has mechanisms to prevent it, an official said China has stationed two to four people specializing in Taiwan affairs at its embassies in several democratic countries to monitor and harass Taiwanese, actions that the host nations would not tolerate, National Security Bureau (NSB) Director-General Tsai Ming-yen (蔡明彥) said yesterday. Tsai made the comments at a meeting of the legislature’s Foreign Affairs and National Defense Committee, which asked him and Minister of National Defense Wellington Koo (顧立雄) to report on potential conflicts in the Taiwan Strait and military preparedness. Democratic Progressive Party (DPP) Legislator Michelle Lin (林楚茵) expressed concern that Beijing has posted personnel from China’s Taiwan Affairs Office to its
RSS