China’s Deep Panda Hackers Target US Think Tanks


The attacks are quite sophisticated, and the cell that calls itself “Deep Panda” is, according to the CrowdStrike team, “one of the most advanced Chinese nation-state cyber intrusion groups.” But the group's focus has recently switched due to events in Syria and Iraq.

Deep Panda’s attacks shifted after the emergence of ISIS

While no word was given as to which think tanks specifically were compromised, the group says that data was stolen from email accounts, directories, and files. Deep Panda stepped onto the scene about three years ago, actively attacking groups that develop U.S. policy in Southeast Asia.

“This is undoubtedly related to the recent Islamic State of Iraq and the Levant (ISIS) takeover of major parts of Iraq and the potential disruption for major Chinese oil interests in that country. In fact, Iraq happens to be the fifth-largest source of crude oil imports for China and the country is the largest foreign investor in Iraq’s oil sector. Thus, it wouldn’t be surprising if the Chinese government is highly interested in getting a better sense of the possibility of deeper U.S. military involvement that could help protect the Chinese oil infrastructure in Iraq,” according to the CrowdStrike team.

CrowdStrike also pointed out that the attacks on think tanks involved with Iraq began on June 18, the same day that ISIS began its assault on the Baiji oil refinery, something of great interest to China and its energy concerns, considering it has nearly no oil of its own, unlike the United States.

Falcon Host employed to detect Deep Panda’s attacks

To detect the attacks on the Windows operating systems used by these think tanks, CrowdStrike employed a proprietary software suite it calls Falcon Host. The company provides this software free of charge to non-profits and think tanks that might otherwise not be able to afford it.

“Deep Panda presents a very serious threat not just to think tanks, but also multinational financial institutions, law firms, defense contractors, and government agencies,” the security researchers say. “Due to their stellar operational security and reliance on anti-forensic and anti-IOC detection techniques, detecting and stopping them is very challenging without the use of next-generation endpoint technology like Falcon Host.”


About the Author

Brendan Byrne
