Hacking groups and cyber espionage have frequently featured in cybersecurity reports; here, we will discuss both of them.
General description of hacking groups and cyber espionage
Hacking groups
Hacking groups have been active in both legal and illegal activities. Legal activities are those that don't violate any government regulations, such as the spreading of user awareness, while illegal activities violate government regulations, such as electronic fraud. A hacking group is an association of hackers that act in unison during cyber attacks. Due to their unity during attacks, they are often more successful than solo attackers. There has been significant activity from hacking groups that has led to both good outcomes, such as user awareness, and bad outcomes, such as the theft and destruction of data. Here are some famous hacking groups:
- Shadow Brokers: A notorious hacking group known for taking the fight directly to law-enforcement agencies. This group has taken credit for attacks against the US National Security Agency (NSA) many times. In their hacks, the Shadow Brokers have released to the public some of the alleged NSA hacking arsenal, which comprises exploits, bugs, and malware. This hacking group is associated with one of the most dreadful ransomware attacks. The group hacked the NSA and released an exploit called EternalBlue, which could be used against Windows computers. The exploit was released in March 2016 in black markets, and by May, hackers had already used it as part of the WannaCry ransomware attack. This is the exploit that enabled the ransomware's encryption mechanism to execute past the Windows OS security mechanisms. The NSA was partially blamed by Microsoft for harboring these exploits instead of notifying the company so that they could be fixed. Shadow Brokers have not been associated with any illegal activity that targets corporate organizations or individuals. It seems that their main target is the NSA, due to speculation that this agency continually stocks exploits that it can use for espionage purposes inside and outside the US.
- Bureau 121: This hacking group is said to be from North Korea, which contradicts the common assumption that North Korea is lagging behind technologically. Defectors from North Korea have said that there are military hackers in the country who are well paid to keep up hacking operations. The group is said to be massive, with over 1,500 people who work outside North Korea. The group has attacked South Koreans through apps and websites, and has even destroyed banking records. They are said to be behind the 2015 Sony hack, which cost the company $15,000,000. The hack came just after Sony released a movie that had depicted Kim Jong-un in a bad light.
- Anonymous: The most recognized hacking group in the world. It's said to be from 4chan and has grown in number and capabilities over the years since 2003. The group operates in a decentralized manner, and even if one of their members is arrested, there are more than sufficient personnel to keep the group running. The group is associated with a hacktivist movement that takes the form of vigilante actions. The group has played a role in anti-child-pornography movements, where its members have brought down numerous websites that offer such content. What makes Anonymous so special is that it has been adopted as an idea rather than a hacking group. It has therefore been adopted around the world and has a higher chance of staying relevant. This group has been branded with the iconic Guy Fawkes mask.
Apart from these hacking groups, there are many others. Some emerge and then cease to exist once their top leaders are arrested. Hacking groups are not necessarily evil since some of them hack with good intentions. However, they are still a threat to cybersecurity since they use tools and techniques that can be ultimately harmful to users and computers.
Cyber espionage
This is a growing cybersecurity problem where cyber criminals target an organization in an attempt to steal information that could be used by competitors or to undermine the company. Companies worldwide have fallen victim to this type of hack, where their business secrets are stolen by foreign countries. Manufacturing companies that have fallen victim to cyber espionage have seen counterfeits of their products being released at cheaper prices in overseas markets. Cyber espionage is becoming an economic menace since it affects the revenues of many organizations. It's estimated that a large number of organizations that have fallen victim to cyber espionage still don't know that they're victims.
In some incidents, cyber espionage has been directly attributed to hacking groups. There are fears, however, that some espionage attacks are state-sponsored. Some countries have been accused of having special units that conduct cyber-espionage attacks.