These Are The Hacker Groups Everyone’s Watching Right Now


Americans witnessed multiple software glitches on Wednesday that shut down the New York Stock Exchange, United Airlines, the Wall Street Journal and the Brookings Institution almost simultaneously.

Welcome to the New Normal.

Although the glitches didn’t appear to be connected, cyber-security experts told the Daily Caller News Foundation that Americans should expect more such outages.

“In today’s environment, companies are not really well prepared to respond to certain types of outages, whether it’s an attack, a data breach, internal threat or someone just unplugged the wrong box,” warned Joseph Loomis, founder and chief executive officer of Cybersponse, a cybersecurity firm established in 2011 to assist companies in responding to digital threats.

So which are the most prominent cyber groups out there?

The hackers can be anything from a loose collection of people interested in societal change, to criminal syndicates, governments and terrorist groups.

Here is a partial list, compliments of Cybersponse and Wikipedia. We’ve divided them into private hacking groups and those which are state-sponsored:

Private hackers:

* Anonymous – a loosely associated international network of activist and hacktivist entities founded in 2003. Supporters have called the group “freedom fighters” and digital Robin Hoods, while critics have described them as “a cyber lynch-mob” or “cyber terrorists.”

* Cult of the Dead Cow – also known as cDc or cDc Communications, is a computer hacker and DIY media organization founded in 1984 in Lubbock, Texas. The group’s stated goal is “Global Domination Through Media Saturation.”

* Decocidio#Ө – an anonymous, autonomous collective of “hacktivists” which is part of Earth First!, a radical environmental protest organisation, and says its work is connected to Climate Justice Action.

* Lizard Squad – a hacking group known for targeting the PlayStation Network and Xbox Live services.

* UGNazi – a hacking group best known for several attacks on US government sites.

* Xbox Underground – an international group responsible for hacking game developers, including Microsoft.

* Milw0rm – a group of “hacktivists” best known for penetrating the computers of the Bhabha Atomic Research Centre (BARC) in Mumbai.

* Chaos Computer Club – based in Germany and other German-speaking countries. Famous among older hackers.

* TeslaTeam – a group of black-hat computer hackers from Serbia, established in 2010.

* RedHack – a socialist hacker group based in Turkey, founded in 1997. They usually launch attacks against the Turkish government’s websites and leak the Turkish government’s secret documents.

* Cicada 3301 – a group of hackers and cryptographers that recruited from the public on three occasions between 2012 and 2014 by way of complex puzzles and hacking scavenger hunts.

* Goatse Security (GoatSec) – a loose-knit, nine-person grey hat hacker group that specializes in uncovering security flaws.

State-supported hackers:

* APT1 – believed to be the 2nd Bureau of the People’s Liberation Army (PLA), most commonly known by its Military Unit Cover Designator, Unit 61398. It has systematically stolen hundreds of terabytes of data from Western corporations and other private industry and organizations.

* NCPH – a Chinese hacker group based out of Zigong in Sichuan Province.

* CyberVor – the moniker given to a group of Russian hackers responsible for perpetrating a major 2014 theft of internet credentials.

* Honker Union – a group known for hacktivism, mainly present in Mainland China, whose members launched a series of attacks on websites in the United States, mostly government-related sites.

* Syrian Electronic Army – a group that claims responsibility for defacing or otherwise compromising scores of websites that it contends spread news hostile to the Syrian government, or fake news.

The most common attacks:

Phishing / Malware: This is a social-engineering attack, one that targets the person rather than the software. It usually comes in the form of a very realistic password-reset message, but it can be just about any kind of hyperlinked material in a legitimate-looking email.

SQL Injection: This is when hackers identify a flaw in software such that text or code entered into an input field is run as part of a database query and results in a dump of information. Usually, when headlines pop up about a bunch of credit card numbers getting stolen, this is how it happened.
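The flaw described above side by side with its fix, as an added illustration that is not part of the article or of Cybersponse’s material. It uses Python’s built-in sqlite3 module with a constructed in-memory table; the table contents and the function names are assumptions made for the demonstration.

```python
import sqlite3

# Constructed sample data for the demonstration only (not real accounts).
SAMPLE_USERS = [
    ("alice", "card-0001"),
    ("bob", "card-0002"),
]


def make_db():
    """Build an in-memory database holding the constructed sample rows."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (name TEXT, card TEXT)")
    conn.executemany("INSERT INTO users VALUES (?, ?)", SAMPLE_USERS)
    return conn


def lookup_vulnerable(conn, name):
    """Flawed version: the user's input is pasted straight into the SQL text,
    so quote characters in the input change the meaning of the query."""
    sql = "SELECT name, card FROM users WHERE name = '" + name + "'"
    return conn.execute(sql).fetchall()


def lookup_safe(conn, name):
    """Fixed version: a parameterized query. The driver binds the input as a
    value, so it can never be interpreted as SQL, whatever it contains."""
    sql = "SELECT name, card FROM users WHERE name = ?"
    return conn.execute(sql, (name,)).fetchall()


def compare(name):
    """Return (rows from flawed lookup, rows from fixed lookup) for one input."""
    conn = make_db()
    return lookup_vulnerable(conn, name), lookup_safe(conn, name)


if __name__ == "__main__":
    # A normal name behaves the same either way; an input carrying a quote
    # makes the flawed query return every row (the "dump"), while the fixed
    # query simply finds no user with that literal name.
    for candidate in ("alice", "x' OR '1'='1"):
        flawed, fixed = compare(candidate)
        print(repr(candidate), "-> flawed:", len(flawed), "rows; fixed:", len(fixed), "rows")
```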

DDoS: This is just a massive traffic jam. There are sophisticated programs that can turn a single computer into a clicking/loading machine gun. If hackers have successfully taken control of a bunch of computers (yes, like the one you have in your home), they can daisy-chain them into a DDoS (hence the “distributed”) to take down even the most powerful servers.

Insider Threat / Theft: This is otherwise known as a physical hack. This is what Edward Snowden did to the NSA. He simply walked in with a thumb drive, and walked out with a thumb drive.

Vulnerability exploit: This is the most technical kind of attack, and the most lucrative. In hacker and InfoSec parlance, these are called “zero day” exploits. Google pays freelancers tens of thousands of dollars just for finding one. It’s basically a hole in a program that was previously unknown to anyone. Hackers can then nest in a system and take what they want, with no one the wiser.