Cybersecurity

Three hacking groups you need to know

The shadowy world of hackers is full of unknowns, and power is continuously changing hands as decentralized hacker chains form and break.

With breaches littering the headlines, it can be hard to remember which group is responsible for which attack — if responsibility can even be confirmed.

Still, some groups have managed to stay prominent and on the radar of security analysts and governments worldwide.

They represent a range of approaches, from juvenile to upright, which gives a sense of the breadth of cultures within the global hacking community.

Lizard Squad

This group is well known to people who were unable to use their PlayStation or Xbox gaming consoles on Christmas Day.

Lizard Squad took down the PlayStation and Xbox networks by breaching Sony and Microsoft networks, then argued online that the companies should do more to protect their systems.

The group has been tied to what appeared to be cyberattacks on Facebook, Instagram and dating app Tinder, as well as the websites for the Vatican and Malaysia Airlines.

Just Monday, the group made headlines again for apparently breaching Google’s search engine in Vietnam.

The group’s membership and precise motivations are, not surprisingly, unclear. But at least two members have been identified by cybersecurity media outlets: Julius Kivimaki, a Finnish teenager, and Vinnie Omari, a 22-year-old from the United Kingdom.

Lizard Squad’s identity seems somewhat younger in profile than other hacking collectives, though not all of its actions have been merely mischievous.

In August 2014, the group used its widely followed Twitter platform to proclaim that explosives were on board a flight carrying John Smedley, who was then the president of Sony Online Entertainment. The company has since been sold and renamed Daybreak Game Company.

The tweet caused American Airlines to reroute the plane and make an emergency landing in Phoenix.

Lizard Squad has also faced criticism and confusion for invoking the Islamic State in Iraq and Syria in some of its tweets.

Referring to Kivimaki and Omari, cybersecurity blogger Brian Krebs wrote in December that Lizard Squad appears to be “little more than a group of fame-seeking kids.”

“Both of these individuals may in fact be guilty of nothing more than taking credit for other peoples’ crimes,” Krebs wrote. “But I hope it’s clear to the media that the Lizard Squad is not some sophisticated hacker group.”

Chaos Computer Club

The Chaos Computer Club (CCC) occupies an interesting position in Germany, its country of origin.

The 34-year-old group charges dues, holds annual conferences and boasts members who are highly placed in German technology companies.

Members have testified before German lawmakers, and some are working with Die Zeit, one of the country’s most influential newspapers, to develop software to be used by whistleblowers.

The CCC — part club, part interest group — also weighs in on wider political debates over data privacy.

Members recently called for the encryption of all online communications to protect against government surveillance, a stance that puts it at odds with increasingly terror-leery European Union (EU) officials.

In this way, the group represents a new paradigm in hacking, according to experts.

“The image of ‘the evil hacker’ is long gone. They are perceived as computer experts who understand technology,” German technology journalist Kai Biermann told The Wall Street Journal in December.

Closer to its inception, the group was known for exposing flaws in consumer software. One well-known example is when the club cracked Quicken, the personal finance program.

Most recently, the CCC has received attention for claims that it can breach the new iPhone’s fingerprint security system by taking a photo of a person’s hand. The group is now considered the EU’s largest hacker association.

Deep Panda

One hacking group that appears to be sponsored by the Chinese government has been tied to several successful attacks in the last year.

Lacking a name for the unit, the security firm CrowdStrike gave it one: Deep Panda.

The hackers’ latest handiwork may have been the massive Anthem data breach, which exposed the personal information of more than 80 million insurance policyholders. The cyberattack puts Anthem customers at risk for identity theft throughout their lives, and exposed many to subsequent phishing attacks from fraudsters around the world.

Deep Panda has been tied to cyberattacks on U.S. foreign policy think tanks, individuals who are experts on the Middle East, and Australian media outlets.

A 2014 investigation by CrowdStrike also blamed the group for sending malware to organizations across the U.S. defense, healthcare and technology sectors.

Deep Panda is considered one of the most sophisticated hacking groups operating today. Just last month, the Federal Bureau of Investigation warned the cybersecurity community that the group represents a threat.

“This group uses a wide variety of tools including generic hacking utilities in order to gain access, establish persistent network access, and move laterally through the victim network,” an FBI official stated in a memo.